8e1ded76ee18d2d218e82867e563239b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e1ded76ee18d2d218e82867e563239b
Size

185KB
MD5

8e1ded76ee18d2d218e82867e563239b
SHA1

fc3db112f318c72bbed96a341629d15614dfbbe8
SHA256

aa53b7f791f9440e44aac7d5c6978bbd0b293c374644339f84b9e893acee9f35
SHA512

0bee17d0dcfd86e3bb1b9ced530acd3dd1a70224ee4d0c8751c7a1366f5c94c747f3abcc9ce7f7623311f317dce25f34a50d4e038c1bfd0f2297fdf895c214dd
SSDEEP

3072:SvGvd76Eq8aXHYJhvI0jXmjCMTawqEGqGmw8/dO3TvTV2TngCHewD1qJx7PSo3PW:SvSPq8aX4JhvFmjCaHfDGmwU8TvTV2TR

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
8e1ded76ee18d2d218e82867e563239b
unpack001/out.upx

Files

8e1ded76ee18d2d218e82867e563239b
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 3.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 177KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 44KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_MEM_READ

.data
Size: 3.0MB - Virtual size: 3.2MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_MEM_READ