72986661642401d9037f83c0d8847b31 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72986661642401d9037f83c0d8847b31
Size

30KB
MD5

72986661642401d9037f83c0d8847b31
SHA1

9ba6375b8600cf5f8711b14ecf6b7f966587880c
SHA256

7de52cf61a998dbd9684f44b227382f564b4a748da785ba6e03a58191eed9fbf
SHA512

c52a91a2c358228bb3da96ee540a616c5da25a67ae4c0b03c64bceba6bf994ff578c4ce4acd6dd983aecec73de45dd094d0352bc1b9101d6ecb7ba3028dba1cd
SSDEEP

768:scYMK0HbXo1HrVCHZcOAbwJQmEQ127aCHQ:sLE2RCuEJ5EpmWQ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
72986661642401d9037f83c0d8847b31
unpack001/out.upx

Files

72986661642401d9037f83c0d8847b31
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE