a9b4218e63bc27e23a5674c2904590bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9b4218e63bc27e23a5674c2904590bf
Size

199KB
MD5

a9b4218e63bc27e23a5674c2904590bf
SHA1

ed4845f2e150d98a960834cb719e78a4ba86c8ce
SHA256

136fee9c82fbc1df7f25f401a37472156eb52818f4147b9a3f91d139067eee7e
SHA512

c2b676c2c67603e70e81f544055e39d80469f7e894f3ebb19f5428a4e1b08fa1e5cd9e1c92643f2ef7beaea4872d78d8aff901d66c89941b67abeb42956c8c5f
SSDEEP

3072:SO1K2kO9aFKYkrTPlE1VHNiQNv1nZuKy+0AUxoL3eqYnIfQGf+d3YBxtxeVmAlmR:1Uh0ONiyBxyxo68QGqYBxVumR

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
a9b4218e63bc27e23a5674c2904590bf
unpack001/out.upx

Files

a9b4218e63bc27e23a5674c2904590bf
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 191KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ