2cbdc36d8f0c1ba55ebaaae709d5e307 | Triage

Sharing

General

Target

2cbdc36d8f0c1ba55ebaaae709d5e307
Size

91KB
MD5

2cbdc36d8f0c1ba55ebaaae709d5e307
SHA1

7701d8ca325d647a9add61c79eeb83601d749f6f
SHA256

3e03ebc8beb85fb9fee9e34dc1a8b2e9f19fc870bf49b788439bc87ac46caf46
SHA512

65e049b9b6e796dd8a1a5356ddd134b240db9569ed32d829a352ac0e802bbe08a12c61b55ac76856a95178fe15af495aa772b4e19af09163ee3f5d4eca828044
SSDEEP

1536:0B+ia05rlWxbMXqT/oGJRcRR3wQ+ULc+X5OcxRIZg0T6vQSS0:0Aia05rlWGq7oGvjQC+X5fIZgqKQSS0

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2cbdc36d8f0c1ba55ebaaae709d5e307
unpack001/out.upx

Files

2cbdc36d8f0c1ba55ebaaae709d5e307
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 89KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE