ba58985b8d799e8aa693657d660df742 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba58985b8d799e8aa693657d660df742
Size

123KB
MD5

ba58985b8d799e8aa693657d660df742
SHA1

6d5f0663ada434ee739c43dc4b9066134a0a6608
SHA256

2f4620d7b313dd50905c8481730959b95ada7e98f85f616ae241e814ce98dc09
SHA512

bfa53c15611d425368dfec86e88ca924c440e4761694ebbd2412e2e95ad0de9d64577f48bb6c2cfc81a5faa3a23167458a8c537edd232e1e17187d300317173b
SSDEEP

3072:Rp4WCU0Ft4a4lolrxkHZs6fqbxbbjsRTNrd08jrGMyRSEe5P:oWj0/4bol+Z/SbxbbjnOrGMyfe

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ba58985b8d799e8aa693657d660df742
unpack001/out.upx

Files

ba58985b8d799e8aa693657d660df742
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 115KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ