08752159ec3c1abada0e24028d3933afd06e1fbb34aea0d95e2f946f8fbebafa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08752159ec3c1abada0e24028d3933afd06e1fbb34aea0d95e2f946f8fbebafa
Size

648KB
MD5

2de3dbd76412ea5551b3a52f9951ecbc
SHA1

cb00dc48e30076de0ddc76e01e2d3a0658162a31
SHA256

08752159ec3c1abada0e24028d3933afd06e1fbb34aea0d95e2f946f8fbebafa
SHA512

92f43a41643fa0c85893292519b761cb50bbd22b50872ef4e9c0a2dd519e9dd5f0cbc502d278136f1dfa0757711d883df465bff081b69a3d8208d89be479cb47
SSDEEP

12288:Ufcg2Diki0Ay9/OS0+rTySVFkPBDk/ad3TjcgD0oA:UXWiki0Ay4S0+rZVyNFThDDA

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
08752159ec3c1abada0e24028d3933afd06e1fbb34aea0d95e2f946f8fbebafa
unpack001/out.upx

Files

08752159ec3c1abada0e24028d3933afd06e1fbb34aea0d95e2f946f8fbebafa
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 508KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 295KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ