706f1d3d6a0bb344c8c45c532c004f6d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

706f1d3d6a0bb344c8c45c532c004f6d
Size

63KB
MD5

706f1d3d6a0bb344c8c45c532c004f6d
SHA1

a1080e2e5c790457fbf556af3eb47ba3576cd274
SHA256

41dbebe4a63791edaf516a2f4acd4caa40ed1651d6bd24811b903a3addbcd2ce
SHA512

5928695ea4f596aba547dd21a3529687085f92cadf30ad0a80cd2529b300710508f39ff941517a3fa2d5d7a30c159c96cc27037794e1d4496695eb55a555c218
SSDEEP

768:StEduH2bZHwbOdI+o15Osv62ApMzsqp7ZCGnbkdROF0xbvBsKw2s0n4h5hYKlOIx:621Hza+85OEjoqJZCcTF8bv6r0n4hzsK

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/PICT00131.JPG.scr	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PICT00131.JPG.scr
unpack002/out.upx

Files

706f1d3d6a0bb344c8c45c532c004f6d
.zip
PICT00131.JPG.scr
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ