bd113f3649d004c2fd6243e8df6e2792afa4c71de988291bffa7981fee604189 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd113f3649d004c2fd6243e8df6e2792afa4c71de988291bffa7981fee604189
Size

5.1MB
MD5

ea2418f37bc2fd0cfb8782b0dd323953
SHA1

03ba6f83cb332fbd946835576fb369a859525ca5
SHA256

bd113f3649d004c2fd6243e8df6e2792afa4c71de988291bffa7981fee604189
SHA512

6fcd7627d30a69e9d3a45a193e6a742d3261d86566ef1865293dc98b1947fcbed3195261f127090f08a935f930545d99a4361fbf70143db84cb4de31ddc837be
SSDEEP

98304:MsIUB/Ci9V5lNun2qgEHJ2P7F4OM8GtCyETS3JBjB4erHspXNAvW6hdZVDJIFT1T:tIUB/FFun2qOaOuVB4iMpXiNDJIDlYiv

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
bd113f3649d004c2fd6243e8df6e2792afa4c71de988291bffa7981fee604189
unpack001/out.upx

Files

bd113f3649d004c2fd6243e8df6e2792afa4c71de988291bffa7981fee604189
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 380KB - Virtual size: 557KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ