335b0e75a874dc26f1108464dafe6213dfcd5ed82dfae3361865c4fd51ce89d6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

335b0e75a874dc26f1108464dafe6213dfcd5ed82dfae3361865c4fd51ce89d6
Size

39KB
MD5

2f1be01ca4cde9e6744edd88e6e66072
SHA1

41c556539b8469000b427ac7151ceb4a275f65e3
SHA256

335b0e75a874dc26f1108464dafe6213dfcd5ed82dfae3361865c4fd51ce89d6
SHA512

42948293a06d72593934ab91dcb8df6a63f942c6cd002c92314906fa304fd16096e2466b9bb0b2c7bf45207c9c9af3345a1387c50f38f3e3396a8f5b3e8cdf00
SSDEEP

768:6L6sHXDnKsJDPkEjnHfSMskYvm/6E8Ifh+0RkAzK4m1CiNLR5piKIa/t:6L9XHzbHZskYvm/6E8IJ+0RkAzlm1xNT

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
335b0e75a874dc26f1108464dafe6213dfcd5ed82dfae3361865c4fd51ce89d6
unpack001/out.upx

Files

335b0e75a874dc26f1108464dafe6213dfcd5ed82dfae3361865c4fd51ce89d6
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uOT
Size: 512B - Virtual size: 4KB