ccdbe911d8bc5de1bbce8f2f5dab8b2b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ccdbe911d8bc5de1bbce8f2f5dab8b2b
Size

336KB
MD5

ccdbe911d8bc5de1bbce8f2f5dab8b2b
SHA1

18e0d18a7c3845a71b3435957ea14b32ead09a19
SHA256

91a4b2fe7c46f49b76ecede6590384f5762ab65b9b7c85d1a20957407f7a7696
SHA512

39a72c1b3cfddf9521cfc0b85c44e8cbd29c1f9f58314020831cc87e9a34aad269165028217d77c6373c6c16996a41b905fec747b7b3a5b079efadb6760b8576
SSDEEP

6144:gQH2ArKgbGLtY/8UQ+rrngR7Nq4EcMnMN3Msx0ZzzLLayuKH:gQWd5ZL+rrw7M9ctNl0RHLpJ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ccdbe911d8bc5de1bbce8f2f5dab8b2b
unpack001/out.upx

Files

ccdbe911d8bc5de1bbce8f2f5dab8b2b
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 960KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 258KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ