3892ab23e2f94ddb2f18e4da183a7cb7 | Triage

Sharing

General

Target

3892ab23e2f94ddb2f18e4da183a7cb7
Size

721KB
MD5

3892ab23e2f94ddb2f18e4da183a7cb7
SHA1

19648308f6dc2da0ec915d9a4ea09858b6edf3b7
SHA256

51e2970099ce99db60b48e3f01e642b30089d1d874d6b6d2f4f5919da81b9634
SHA512

dcb1ed9b0a1034985ad5ef6ab500ba030b5d8f15c4fe15c535ea05cb3defa7b6fe306216c1be2a769a19e56b0704910bccba35b4aa17c6b2339bfe87dbb6435e
SSDEEP

12288:gIckuz7BK7CsFQaq4Sbsouf+OZu0UfxqadwxBinFz8YH:kkQBK7CSQaq4Sbbuf+OZufIRkFz

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
3892ab23e2f94ddb2f18e4da183a7cb7
unpack001/out.upx

Files

3892ab23e2f94ddb2f18e4da183a7cb7
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 693KB - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ