6ee21de7f9956be3d59ed72dbb4352df | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ee21de7f9956be3d59ed72dbb4352df
Size

408KB
MD5

6ee21de7f9956be3d59ed72dbb4352df
SHA1

607e2566641edd7c0280976930b7b98e2aaa3206
SHA256

e4b41e5dced5516b1dc217cd76de3d86c86f26c3abe66fd4348bdf9e1617a6fe
SHA512

b0dfd70d8356ee02bc748f4c16d63bfb40b232db028a9cc1cfda2cefc2b6a7b4dfc7258b4086c5b20befed12ad6e59b62245f4c6bb2931dc07fc26a93a549e60
SSDEEP

12288:NiZYr4yZtKMdxnlqWKrz5UkaEbGcVmcu3f4uVi2I0rFk6:kZFaKMxEW6FDaEl8cqVDNra

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
6ee21de7f9956be3d59ed72dbb4352df
unpack001/out.upx

Files

6ee21de7f9956be3d59ed72dbb4352df
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 204KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 405KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

Sections

��
Size: 133KB - Virtual size: 463KB

Size: 608KB - Virtual size: 4B

Size: - Virtual size:

IMAGE_SCN_CNT_CODE

Size: - Virtual size:

Size: - Virtual size: 144KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA

Size: - Virtual size: