4cea2b3714e7d2d6fdad20937278f7d3 | Triage

Sharing

General

Target

4cea2b3714e7d2d6fdad20937278f7d3
Size

300KB
MD5

4cea2b3714e7d2d6fdad20937278f7d3
SHA1

8f34e7262ae2ec5fff7f2e93900f5ea93faae5f1
SHA256

f837d4f6b08b438bbc6b4db5bf1ea07b11426661fd7415f4d5c77a5e5893934d
SHA512

156fe095c6752d5ad5e4a43390f9e899ffb0600f4c7da32fdf68bc24409a60ed38285e35884514c246ec384597f3f5e61aadb7d74129f23707b8d0e0533f0319
SSDEEP

6144:YjqrYs85akX+2wwy65F9PM/gqMDgNWzpuoarVQ/reai2TrXQfM4eUwZJM:2p9ply65F9POqDkWpuvW/reGXQft

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
4cea2b3714e7d2d6fdad20937278f7d3
unpack001/out.upx

Files

4cea2b3714e7d2d6fdad20937278f7d3
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 299KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE