0b7e750fd4f4216365b186c27d56010944292fc560187caaf6927d39c0475f3d | Triage

Sharing

General

Target

0b7e750fd4f4216365b186c27d56010944292fc560187caaf6927d39c0475f3d
Size

1.2MB
MD5

4f3c210c1dca2812a5f5ab5204af0452
SHA1

088b32035675b4c6de57b08ca70492eb82bfe2f7
SHA256

0b7e750fd4f4216365b186c27d56010944292fc560187caaf6927d39c0475f3d
SHA512

96172a727d3e0074de190c7f1355b1825b5435c92f2328d5b9f68deaf6aa0a706d206197d0e2e467da37a1b3bd4c97fac27f3e33aa26575b0a6f337e699429ca
SSDEEP

24576:SCPiA4TZzM/LGZfnMkDdNOWvqszPUFc9OuQlzE9fzwJVjDKkdog4w+C0YdMpN5Vn:CtMk/vqszMi9OuQlzE9MJhKkSgv+CLm/

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
0b7e750fd4f4216365b186c27d56010944292fc560187caaf6927d39c0475f3d
unpack001/out.upx

Files

0b7e750fd4f4216365b186c27d56010944292fc560187caaf6927d39c0475f3d
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 468KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 620KB - Virtual size: 618KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 704KB - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ