8ddc60d1029d00d6167e84b73dca7769 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ddc60d1029d00d6167e84b73dca7769
Size

199KB
MD5

8ddc60d1029d00d6167e84b73dca7769
SHA1

70a46f4d9b18d331a6dbbec637c49316c2c6a14d
SHA256

550ddf6182a8d70e277d0148cf5e268b9404c61c71f44bf44d9f4f6a5830da38
SHA512

9b12a052e3221c1a6110b3cf5922aad7377c3ba073088572896ec54c0de8c445966841d179aa8ffa4aa18b217cfb7e0d538c81700458a7ff6f9bcec8eb680a6c
SSDEEP

3072:w9p/AA34Pb/CRiRYuUR1pqFXcnteFueH0vxqTEAo8RnniyCyV3AdurpiX6n2m8:opH+bKRiSuURDqFXkwFyvxq7DnzCOk

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
8ddc60d1029d00d6167e84b73dca7769
unpack001/out.upx

Files

8ddc60d1029d00d6167e84b73dca7769
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 124KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 191KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ