bcf55e3e7b00cfba692da5db06a41a9b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bcf55e3e7b00cfba692da5db06a41a9b
Size

85KB
MD5

bcf55e3e7b00cfba692da5db06a41a9b
SHA1

e29a54d414d51c07877febe8a42873979cfc89d3
SHA256

7dedf5e9a8e759b65c987d00b81191c1c38507c1a2967352b418f429e7815e2d
SHA512

724c2a208e5dadb1df193e6f2e0f3474d642a7f6db0a47c4830baa1680f0f1efea458cc5d8f50e1fac7c44461369499a4ff723a1123f8ccfd7a602e3f2dea179
SSDEEP

1536:N/XgH45mh+O7m8YK6FsTnhqAZM186lipf2TBGqFB6ZTXTiGdB7SqYH/AVa5AoBV:hgH4Uh+Km8jqB1HPBGqFgpeGf7Sqk/AG

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
bcf55e3e7b00cfba692da5db06a41a9b
unpack001/out.upx

Files

bcf55e3e7b00cfba692da5db06a41a9b
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 152KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE