c703373ac623cf63fc76d86f32958e3a94a024ca9cbcfb307ad926283517854d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c703373ac623cf63fc76d86f32958e3a94a024ca9cbcfb307ad926283517854d
Size

5.8MB
MD5

f2b9cf5a30004ed9fbc6c1c62d6852ce
SHA1

1c96a6b18445d182d35e5555d091ea9666adf4a6
SHA256

c703373ac623cf63fc76d86f32958e3a94a024ca9cbcfb307ad926283517854d
SHA512

bffc3a964d16cb1c8073894f4cc87f22b3f2323385f9ce63c15829cd45e2729913d102f8d0c12e4ac5f20292eaad597f1940df9ebb3db65b613a9510943e762b
SSDEEP

98304:fx4i1C7Hr1PI5j0sleRYh8k+Z1OkyjK3zB0eZFedCLmU8AvhL/R6mMBcHBQSMBWB:f2zVwusVhMZAcfIWIARXHMaMnEQwdh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
c703373ac623cf63fc76d86f32958e3a94a024ca9cbcfb307ad926283517854d
unpack001/out.upx

Files

c703373ac623cf63fc76d86f32958e3a94a024ca9cbcfb307ad926283517854d
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 8.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8.5MB - Virtual size: 8.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 683KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ