3953d9fb50481c4c1ac15d7032a6977551764743f84d94d10f5202be164f00f2 | Triage

Sharing

General

Target

3953d9fb50481c4c1ac15d7032a6977551764743f84d94d10f5202be164f00f2
Size

1.9MB
MD5

0249e536946ecdee7fc96462981f9051
SHA1

f8d57ca34b945114ab12e9d6ab72f798ed9fe101
SHA256

3953d9fb50481c4c1ac15d7032a6977551764743f84d94d10f5202be164f00f2
SHA512

1893ea7fb7e60a507962ed7efb620478f734f230f1b1f8a6a8541f79dec575dff852b74363048661b9a7de3106593d190846e7edd42da9ba31125fc249497f5d
SSDEEP

49152:BM3dbEnmZgJH6iADNsNn/3JQErFu/fEHHhF/poL9WpTo5pp9P:BOdbEnMgJaB5mn/3JQf/snXpi9WpToZt

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

Processes:

resource
3953d9fb50481c4c1ac15d7032a6977551764743f84d94d10f5202be164f00f2
unpack001/out.upx

Files

3953d9fb50481c4c1ac15d7032a6977551764743f84d94d10f5202be164f00f2
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 980KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.8MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 620KB - Virtual size: 619KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ