a1dff9cb7cea2ea54e1de03dde002709 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1dff9cb7cea2ea54e1de03dde002709
Size

759KB
MD5

a1dff9cb7cea2ea54e1de03dde002709
SHA1

123c27069f075b45cfcc4568435dc2d53a997731
SHA256

7cc525c423260227146554e24946830580c22cccc1497deaed19a7c68fc8b590
SHA512

b77e815eeaf66b60a90be37a4fb52b58f5f1bed86e7046f7b65dc8ab67393b76ce2fff250873993649afe88947052e6bcb9b3168261ac3d8b6d406ec8f858613
SSDEEP

12288:BBtAniKmr2CpVNj6RfklA655NQmH/wABKEgEaYBF/vn0fahqJqrtWFP3VSYd+YuD:7Wni5nWRR6JHjKEgEVBFn0ShRrtAFSKI

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
a1dff9cb7cea2ea54e1de03dde002709
unpack001/out.upx

Files

a1dff9cb7cea2ea54e1de03dde002709
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 336KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 755KB - Virtual size: 756KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 984KB - Virtual size: 982KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ