742b5fba76cdbff0bac49e61f1f5fb67 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

742b5fba76cdbff0bac49e61f1f5fb67
Size

91KB
MD5

742b5fba76cdbff0bac49e61f1f5fb67
SHA1

287d53bb478f3f04b2db1359c60e96667719858e
SHA256

e133aa73d59cc0a11766f2c75e04404b0db41c5de1b855bcfb2eef22d762117b
SHA512

e5a674e1a3a3e7f93820436869c4e047fba10390aa9fe1e3fd6716c2a0fecbb621c186086685e1ab56ad8b2ee9fae0984168e600fbd965c01b0ccf31b6a9f1bc
SSDEEP

1536:OzZvFVX77VTnguU9NTDfTjE0GY8xsHnFJjPNBsn5+6IxcPt1a4/upDyA+Q:Oz5X77VzODXYIHn7jPNK54xclg6aj

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
742b5fba76cdbff0bac49e61f1f5fb67
unpack001/out.upx

Files

742b5fba76cdbff0bac49e61f1f5fb67
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 248KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ