b59378c909193a0cca5cab447bcf8790 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b59378c909193a0cca5cab447bcf8790
Size

165KB
MD5

b59378c909193a0cca5cab447bcf8790
SHA1

a653e2bbcd61ea106132559f614015a1f31b1101
SHA256

27f6c00a8ed679c08eb956433187385c5fa3737592a985184f9c2407a7c9a2f9
SHA512

2b0506b2c772849dedb1096f6ad9f6bed423969bb0ab73ba160be4c270b9b9e0dc16116eb9041349469dfcd7094b1937f64a692874c27892ea31747077aa91c7
SSDEEP

3072:5wcB2Zwn096HsWxY9B6dpgld31HsXjAjhfjnosco1H0REFi5taCofYRxYv0snpM1:XAR90JpCd31HYsjh7osc+0Rmhnh4H

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b59378c909193a0cca5cab447bcf8790
unpack001/out.upx

Files

b59378c909193a0cca5cab447bcf8790
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 220KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 139KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ