1bf3605bc2425d22a79a6b67119f38555a47e8ca52b8892d32c1ef3085ea15ee | Triage

Sharing

General

Target

1bf3605bc2425d22a79a6b67119f38555a47e8ca52b8892d32c1ef3085ea15ee
Size

4KB
MD5

2743bc15355c995a8b841daca9148b3f
SHA1

a876e84d1ef02d5e84bb9d8091a4321583bd937f
SHA256

1bf3605bc2425d22a79a6b67119f38555a47e8ca52b8892d32c1ef3085ea15ee
SHA512

38ce5907f86306a1f87e1dabdc0bc80fa7da16618a86b140419c61928ec7155cfc0c85d1cbbcd85921ea59254e8fae74286f7cbb4d38391128960ed62609cd5e
SSDEEP

96:f7FnmnG120ZeYDKfT0+uX737LNOhdMAAk2:DFnmnG88DKbTur370hdsk2

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
1bf3605bc2425d22a79a6b67119f38555a47e8ca52b8892d32c1ef3085ea15ee
unpack001/out.upx

Files

1bf3605bc2425d22a79a6b67119f38555a47e8ca52b8892d32c1ef3085ea15ee
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE