adb818f384854f8caec01d9885261eca0de05f4f37c7e30fa77744b7243ae1a6 | Triage

Sharing

General

Target

adb818f384854f8caec01d9885261eca0de05f4f37c7e30fa77744b7243ae1a6
Size

184KB
MD5

742f580700aefcb1b1cc5750dd1a8ef2
SHA1

0fe20886fd83b9f1696febf89df7bc9df9cd9eff
SHA256

adb818f384854f8caec01d9885261eca0de05f4f37c7e30fa77744b7243ae1a6
SHA512

9f5ead271eb705db629e2b81de9231ef97ce040f524db0764be455e8adfc1d34cf2fd3653dc08ce2c52f2869b991e2165ba00e1b196a486f3b0336dc73c0e003
SSDEEP

3072:ESN01tePgeCI2MFz1XOXZte+APb59MzKR5XKjZER/Fy:E1SHjz1XOZteH/MzY/

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
adb818f384854f8caec01d9885261eca0de05f4f37c7e30fa77744b7243ae1a6
unpack001/out.upx

Files

adb818f384854f8caec01d9885261eca0de05f4f37c7e30fa77744b7243ae1a6
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 40.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 154KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 40.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ