4eec8836491b07e2105ab6f88654c67c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4eec8836491b07e2105ab6f88654c67c
Size

68KB
MD5

4eec8836491b07e2105ab6f88654c67c
SHA1

d5798b962f7d8db00ef1c43f17880f0c1682c205
SHA256

b124fa053f8181e2be9eab194002e24d428d3a192183ac1c7f45a6432043b85d
SHA512

959c4ad9e212176b8f7d1cff173a208bf12b17ea314555c008cf330a0b2cd6fabf494d6772c0a5667933ca3ebbdc848938407a77e80b3e28be82559daebb1f4a
SSDEEP

1536:P/wn+iRfxrtAOr8RThmwFUWJl9eR0TGNEz+9VnEPS2Im:P/otINFUs9k0TGNEz+DE62I

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
4eec8836491b07e2105ab6f88654c67c
unpack001/out.upx

Files

4eec8836491b07e2105ab6f88654c67c
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 256KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 316KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE