4737ae43ac2da52386c34dd0572cfac6[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4737ae43ac2da52386c34dd0572cfac6.bin
Size

45KB
MD5

4737ae43ac2da52386c34dd0572cfac6
SHA1

d921e9351bb3aa8ab8b645de6f5b90d2e136485d
SHA256

e142f948e9f8b88e4c3915413fa07e480cc3f0573e882b4b47f2d244742d78b3
SHA512

3fe1537089ba13c730a490eb07d4e8724813ef83909d8c93d623fe91d958ca99598dd16751ceb956d5946192614f1b57924244d14e65b772a2a9b1fb1e00121a
SSDEEP

768:X0MCcVtD6tKnxpBtdWMHX3jRvlHDImwrv5Gu1NNcwEvzENL:X0MVkKnxXWM3TRpkP4Hw0zENL

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
4737ae43ac2da52386c34dd0572cfac6.bin
unpack001/out.upx

Files

4737ae43ac2da52386c34dd0572cfac6.bin
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ