737c393d1853be8729953fd3fb1c75a8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

737c393d1853be8729953fd3fb1c75a8
Size

35KB
MD5

737c393d1853be8729953fd3fb1c75a8
SHA1

d2acb280d1eaf8641199aa82ea448a982d61b3cf
SHA256

73de2f28579617a48cf2058cd0df2146fe9e9e8af3751a5013c90e2b8c66d927
SHA512

b06875ba8db17001265aa869f7d6e175362abbb315a2f91811957000aba0908356038dd506162c8a70ef4688904962ed7fb659b6907058bb1caeb29dc1902122
SSDEEP

768:wNPyUSyG+xsTIdjgP7PiD+eccK+DKol27w/ZQk:w9yUa+xUD6Spc8kP

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
737c393d1853be8729953fd3fb1c75a8
unpack001/out.upx

Files

737c393d1853be8729953fd3fb1c75a8
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ