d3edf82810b60e280b0b3abb177e9fea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3edf82810b60e280b0b3abb177e9fea
Size

30KB
MD5

d3edf82810b60e280b0b3abb177e9fea
SHA1

b266aea3c436bbf4d9691bcf79a8f77561c22ace
SHA256

bb14a201627c9de9d87fe0edfe29622a2b4cb03117bc657864e8c3dcae9e8915
SHA512

35a0cba7384a4623cbe9ea31f707dcfcdf9252fcefc6ffc3b7529ce59242cabf42499a408e693829b4a070974ab37fe63ae2d94b1bfb8805b44c77529fff30ba
SSDEEP

384:stIaZ0/UVEOPGzT97Ndj7dDk8Pj5XgVNcyLRuUcNezS3wjnagL+31hwuCLSsNqan:H/k7mTZnj7dDk8PWVO9Neu3EOEzHNZ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
d3edf82810b60e280b0b3abb177e9fea
unpack001/out.upx

Files

d3edf82810b60e280b0b3abb177e9fea
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE