98dae9cd2388a872be4e3266fbdc5b41 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

98dae9cd2388a872be4e3266fbdc5b41
Size

569KB
MD5

98dae9cd2388a872be4e3266fbdc5b41
SHA1

1ed588be424fa1eb15f96c5f0f3150254b91080d
SHA256

c7f1f7b3eea1a208d1a452d9ef3d9e4b04debe856acfceceec7e7e40e8136c47
SHA512

98fa553911ac33f1a00a437437c199bc58f3e97c55c3442fd0fd1c6990bc93ac42f6cb09d7805bdd8ed712d5555f19b3590f363a74e124367bff532ee4cb9b30
SSDEEP

12288:P+4CwlAUcXa3ym0hFsvU8s88B6XGGlUWgtW68bYlPbvjVQfvh:P+glrurRI9PGWlZgG8bvCh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
98dae9cd2388a872be4e3266fbdc5b41
unpack001/out.upx

Files

98dae9cd2388a872be4e3266fbdc5b41
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 566KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 464KB - Virtual size: 462KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ