4adb247b9e6144142fe0d94efe6a1a325553de65a94f273bc6e8908cbdb7cf77 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4adb247b9e6144142fe0d94efe6a1a325553de65a94f273bc6e8908cbdb7cf77
Size

472KB
MD5

1ccb80bb3c023a778d08016caf17d21d
SHA1

35a4e6a3c0250644c8922ff79c5ce346fdb5dc5b
SHA256

4adb247b9e6144142fe0d94efe6a1a325553de65a94f273bc6e8908cbdb7cf77
SHA512

4330e82e5aa84ef4e0c3a973a6659497091b6cbca6f70d8399a3a1d8acebfc4a443640af8c4c9d8072867be8dee37efd4fc69c8184845e77d752e6454ebac07e
SSDEEP

6144:A+RnIn5Be+RWcMu8TBhDhECF/B/1FTxsZJIK5jTIvUfzgx7rh3UD2KtWJsU8NquN:hM0u819hE27aZJIU3IIUxh3UJL5

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
4adb247b9e6144142fe0d94efe6a1a325553de65a94f273bc6e8908cbdb7cf77
unpack001/out.upx

Files

4adb247b9e6144142fe0d94efe6a1a325553de65a94f273bc6e8908cbdb7cf77
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 708KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 390KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 585KB - Virtual size: 584KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 369KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ