8ab457d5dc28ca8682211d5e7b5c4a66 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ab457d5dc28ca8682211d5e7b5c4a66
Size

38KB
MD5

8ab457d5dc28ca8682211d5e7b5c4a66
SHA1

bff6f7e64fe4cb0860b8847b5b8490e269f6888a
SHA256

5b77a76d977620654a223025606c44211e7f27c51da2bceec2d992a157bd28dd
SHA512

a4db1758069897814d57825b76f78d0da60ffcd4a1398ce314e7d4a293c5da90edc8d377af286c7284600fa67de5b4e8110b0bd91deb0ac28e0057403d881da4
SSDEEP

768:vphebYGoQkOIRqmsNksfOpMmRCJdXx204KCsFuQ9i+pjTSlc2DeZDxztH+dNb:GbYGoONksMtCt204K/PtoDGDR9A

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
8ab457d5dc28ca8682211d5e7b5c4a66
unpack001/out.upx

Files

8ab457d5dc28ca8682211d5e7b5c4a66
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE