8e1b48e7bd64a5d5ea4e059d18b916fe | Triage

Sharing

General

Target

8e1b48e7bd64a5d5ea4e059d18b916fe
Size

198KB
MD5

8e1b48e7bd64a5d5ea4e059d18b916fe
SHA1

02028e75fa5fabfc3403df298df595676d87e489
SHA256

ba23ca67f473d7ed788f9ba3ff9f69948e9a0ee822835e5287d399cd588b2f47
SHA512

5fabe29ef6f79d7c521838d7af352064be8823640447282001a3895784e53804d31fbdf5797c73d1635e9ccce5f75dc20695841b7b5317fd7f741b64f7f1a40e
SSDEEP

3072:d5YA8TSjzcTT1O5c7aUkNCS2PEiPhMQ6nNjuUjeEU0/6v8/72W3aeJUVE8:d60faEc7aUkkzPEFNbDUuPzXUVh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
8e1b48e7bd64a5d5ea4e059d18b916fe
unpack001/out.upx

Files

8e1b48e7bd64a5d5ea4e059d18b916fe
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 124KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 189KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ