d60cfbece8c2823d7c314ecbe462d3b8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d60cfbece8c2823d7c314ecbe462d3b8
Size

57KB
MD5

d60cfbece8c2823d7c314ecbe462d3b8
SHA1

17dda7493a2f7f66dd269dc836e8e610a8b3ab31
SHA256

c242949aca0818b88c6e232a01872c721a4f0edefb46ac1c3cccc2d359f57115
SHA512

facb88dd804ad4c96ffd3fdccbfb7e4ed9a2614e557eb6c67d745c7f74e0851cdf5ff660fad5393e9c73d1570664ee57af72f3999cd42ee28a5713c6b8addc71
SSDEEP

1536:bWSGR3bTLxn2KBYqqG5P3pW230xHGwd6A8w6GrYh:bShD8Ka9G13E23wdGdh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
d60cfbece8c2823d7c314ecbe462d3b8
unpack001/out.upx

Files

d60cfbece8c2823d7c314ecbe462d3b8
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ