ba6fe61f5359fba236ddd386add9c31b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba6fe61f5359fba236ddd386add9c31b
Size

135KB
MD5

ba6fe61f5359fba236ddd386add9c31b
SHA1

a21c346515c0159b4bd8888b40f9f2e950bbb12a
SHA256

301b0935b6d85bcc4f77bd906c3cbd0242e2ad25dfe201b509426474dc712c6c
SHA512

2c9c95160259c18af873cb2d1e5fa6577019cf1b5b2eb89718ab13f178a52cf766e1ce4e10e3f1a7bf735054e1b946ce5a97de275b13e824cd8e0c459cef14b1
SSDEEP

3072:G+pFkDwniSKk/cXKOPg00usL1+zpIZgSIysmDfIPm7CYBdWef8j:GBDXSZcXKOPPsx+dIZPIpmDwPkCYOef8

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ba6fe61f5359fba236ddd386add9c31b
unpack001/out.upx

Files

ba6fe61f5359fba236ddd386add9c31b
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 126KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ