4154c00dc4ca7129e281d092774511c0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4154c00dc4ca7129e281d092774511c0
Size

416KB
MD5

4154c00dc4ca7129e281d092774511c0
SHA1

562025024fd6f91ed2db6fafc5af5c0149de47a1
SHA256

2cf9e4ef9123de2c1c8823962701d0cfed769f5275d2a6403c9670ecd05a7e63
SHA512

96b55fb5fdaf356ae6b03e5b3b86e589e5b67eccf275c3fd9377c8d63c8c0cf804feb4699a174ba7daa75361513a80b291bf6372d79ea5d20773e1de0852ab47
SSDEEP

6144:lvIVNnSMhgaNeoK0zat8GzwzkIXfYnPY9lrhdMwPT318TxtrTOt4UPyFNpk:lQDnSn4K0qjIQnAYwPzSlt2tly1k

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
4154c00dc4ca7129e281d092774511c0
unpack001/out.upx

Files

4154c00dc4ca7129e281d092774511c0
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 17.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe .js windows:4 windows x86 arch:x86 polyglot

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.bss
Size: - Virtual size: 17.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE