b723d01df8e7293c557ab07a2b16f851 | Triage

Sharing

General

Target

b723d01df8e7293c557ab07a2b16f851
Size

177KB
MD5

b723d01df8e7293c557ab07a2b16f851
SHA1

b71d95f471b286eeeecae38dbb812b04f1f416b3
SHA256

38e9c452b818059076d8ba5cb595b1afb54c0eba3e7c7f1db7f80588eeb14822
SHA512

348661f06f424d14c169bcd65f0dbed5d2f35c086398951636bb3ced6b9a6f0a3f4caa8ad4af64cf0051c6eef36716f5feb0d597e841afd84312794f7e48688d
SSDEEP

3072:R/CHLi8gWHQjPoOWuYo5dHTHQlOSPBxpieCNpr/DjEbkOCjr6p92ZfYFxb5Rq7/G:93QHQ0O5Yo5lTwl7P0eCbrbYMEsZwdYC

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b723d01df8e7293c557ab07a2b16f851
unpack001/out.upx

Files

b723d01df8e7293c557ab07a2b16f851
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 296KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 125KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 380KB - Virtual size: 376KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ