8c402d5c57e41e2350b6ef6a3cacd1c3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c402d5c57e41e2350b6ef6a3cacd1c3
Size

149KB
MD5

8c402d5c57e41e2350b6ef6a3cacd1c3
SHA1

61fa1c1cf57ad79e71a3e0857451e5a907681eed
SHA256

6d48eb8cbf438eae0e61d1d0c2cd9059c61b27ccd687fdc4604f18ace29c1096
SHA512

c0addd4661c916c30c2f94cc1e1b6714e0d6e3319c8b668ced152338e7e05021de1292732f0f0c1aafab4fc8292fead39867ddc2a07f68bd4a6810f59a7b76b3
SSDEEP

3072:4kHiTSBzY4/5pdLbY46BGAlPS2/2pgWU5ZWSAM4NTx/Pb0hB:BCjupdLeBGwPZugWIZq/TxL4

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
8c402d5c57e41e2350b6ef6a3cacd1c3
unpack001/out.upx

Files

8c402d5c57e41e2350b6ef6a3cacd1c3
.exe windows:10 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 110KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:10 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 186KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ