22e104adc22b9e58642f50038388d85bf7cc3497344ef5a19ee6467ccf031b45 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22e104adc22b9e58642f50038388d85bf7cc3497344ef5a19ee6467ccf031b45
Size

3.8MB
MD5

61c9792cd57f3576dae7e5106fed0f32
SHA1

311a4aa0fa36a87564c3d8612685e6a177176fb0
SHA256

22e104adc22b9e58642f50038388d85bf7cc3497344ef5a19ee6467ccf031b45
SHA512

0a6f4e71e5a9b2920189098e36c917cea4bbf5f701eba24430684fc03c21a765335aaed118c6a6c3c894ad405f4c75d5cf414c57b4b97d74d6159db25fa05750
SSDEEP

98304:sTR/y09c1bONSNy3zvznFhvAQR7wW+2dW:Otxemnr97R+2o

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
22e104adc22b9e58642f50038388d85bf7cc3497344ef5a19ee6467ccf031b45
unpack001/out.upx

Files

22e104adc22b9e58642f50038388d85bf7cc3497344ef5a19ee6467ccf031b45
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 4.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 808KB - Virtual size: 805KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ