9dc1e2c5dfe67c4033d361b955bdcff976b1743f7e7e05f8f746ac4ad02bbcbb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9dc1e2c5dfe67c4033d361b955bdcff976b1743f7e7e05f8f746ac4ad02bbcbb
Size

54.6MB
MD5

08633b870756f6f192deccc173a50d5d
SHA1

38b038ae2df503acfbecf4a918bb08997c1a41a1
SHA256

9dc1e2c5dfe67c4033d361b955bdcff976b1743f7e7e05f8f746ac4ad02bbcbb
SHA512

4370ee2d14ff8e31ebe2aacc28371a2dacd488c81fa4fc2b3fb2c1b3f9b094f808a094815537e9593c9b39b1f5e3360f2a7666726ad28bfee007acb3cb313418
SSDEEP

1572864:r0OIHRzaZwAJTDyXW4fCmjZeHJLJDpqPZWHdC:WHlAkmA9epLJD86C

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
9dc1e2c5dfe67c4033d361b955bdcff976b1743f7e7e05f8f746ac4ad02bbcbb
unpack001/out.upx

Files

9dc1e2c5dfe67c4033d361b955bdcff976b1743f7e7e05f8f746ac4ad02bbcbb
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ