bc8b269f67c881991b07b03683b5cec3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc8b269f67c881991b07b03683b5cec3
Size

9KB
MD5

bc8b269f67c881991b07b03683b5cec3
SHA1

7ecbf03f28214fcd45d46de1d7fcd366671cffc6
SHA256

f5d15394ade901da5e243fd226d82df3327237aebcad560e75dc7745ad226e42
SHA512

45173c2cf09f1aa792d669429cd791a9b2914a7d660b3e0825c83b857aece92fd0a820d1338dccee25b43e4489533b2f1f248f5b4206ee724b8fa4d853165378
SSDEEP

192:zaJXE8fuG4Jlv8bHH+HeYBZVJTYrecE4fBp7qHliKToCk0oQpJZyIz4w:sXEBjUbHe5B/oecE4phWMgjXB

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
bc8b269f67c881991b07b03683b5cec3
unpack001/out.upx

Files

bc8b269f67c881991b07b03683b5cec3
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ