8f0bd306695aed73a7fd556502cb1e2f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f0bd306695aed73a7fd556502cb1e2f
Size

6KB
MD5

8f0bd306695aed73a7fd556502cb1e2f
SHA1

c9190e126ec42d1ebf4c6f5ad94791382f5d6810
SHA256

1ff883f603a655cb64d41952e294c9bb8012ed373a8d62ac6553f9b72bd175e1
SHA512

e01dc6e7985d7bb6c9a63a7bcd2295434feb8e07cec6a27c4b1cc7ce8bbc8f4bab0d1ddba187804f968ae1c709dee5c8c5f2c4a988979fde8ef99c5874b1381d
SSDEEP

96:CtQ7JD4XaB4SPKXAh6gEiGizvjbR47LBK8mF9fshUnVpn:CtQyXaBUVgWUvONKX30h6j

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
8f0bd306695aed73a7fd556502cb1e2f
unpack001/out.upx

Files

8f0bd306695aed73a7fd556502cb1e2f
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ