04212d0f05b724d3cc890e6cf9a59bb3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04212d0f05b724d3cc890e6cf9a59bb3
Size

118KB
MD5

04212d0f05b724d3cc890e6cf9a59bb3
SHA1

a61adea202ba9a31efea3a3be9b3a6ad72a83404
SHA256

43b38e546807efc5e405d60e6b5e9a486fdf71eee80003d15778a07f410c2649
SHA512

58fbc5c1ab1545e8d97b7b9e7daac1388795d8982ecdc25ea67d873546f671213bf71e412db10016a748c22bd7dc350dd274b43d628321af96ca364d0d676186
SSDEEP

3072:rB4QIEg+pZbMD32qSofwIazMRdXfeXXx3+/bhV6a:0B+pcNFqsfeEDh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
04212d0f05b724d3cc890e6cf9a59bb3
unpack001/out.upx

Files

04212d0f05b724d3cc890e6cf9a59bb3
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 164KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 116KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 230KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE