0fa706dbdf4f764acce816fa4ad9cb71 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fa706dbdf4f764acce816fa4ad9cb71
Size

67KB
MD5

0fa706dbdf4f764acce816fa4ad9cb71
SHA1

fd860a7d7ce65d4f4feef4ea4d4a7f5c856b2016
SHA256

ed2bc789be857ca9cfdb64b2591d1ef3bcb977f8ba0b56331dd88a6ff6bba22c
SHA512

e10c60faee157b9a198616040de006a6d3af46df740d39d04d6739c745a0613919172f532ea2556f0089215a008f918146103605e9d983b7042ec3863f6ec62b
SSDEEP

1536:Qg0UvZrfLfOx+UmYanENmob1VLbiOrMJG9589U1tTk74wn:QgLv9OAU66HiH8MU1ytn

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
0fa706dbdf4f764acce816fa4ad9cb71
unpack001/out.upx

Files

0fa706dbdf4f764acce816fa4ad9cb71
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ