234a29be8d3a7fe70030639c0389e529 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

234a29be8d3a7fe70030639c0389e529
Size

161KB
MD5

234a29be8d3a7fe70030639c0389e529
SHA1

04f16dae540466ed7500b222b80711acb56d7402
SHA256

fa43aedb7ecdad435654481363b8a75b88c251a38b000f63fd9135590c5ff4a3
SHA512

c0c965fe2b37f69cc20fa204f1af08a093742aa2590ee4aaa2f5d84372d07b05c5c70fea0f5ed0dccfabe613c9e0516b10a86bb1d6fe566791dcfed6eac71c00
SSDEEP

3072:PT79rTmgk9g+sLrt9iJCtCXm2KdaDoNRn+FbJxPHbFEKH7jk8kCG:PnZTmv9gXoJCtpxkDo7nuFxPeKH7jk8M

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
234a29be8d3a7fe70030639c0389e529
unpack001/out.upx

Files

234a29be8d3a7fe70030639c0389e529
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 152KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 105KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE