9eddffc42b6130a69b168bf0723a3fda58fe7d9e22d8ba472560bca97713cdf6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9eddffc42b6130a69b168bf0723a3fda58fe7d9e22d8ba472560bca97713cdf6
Size

733KB
MD5

6815ee11a780db1d736373c2e1a97967
SHA1

6cbfec1a2511918f255638b766764903f4e87945
SHA256

9eddffc42b6130a69b168bf0723a3fda58fe7d9e22d8ba472560bca97713cdf6
SHA512

1aca78660c9912487556de21d96d220b85a33f95b80b05a3e1780cd797553492d5465b97f981e1e3c1f0b0d686dcf5c9c9b9be28c8a3727aec88cfae19dab4a9
SSDEEP

12288:z+y5rYnMitLB+6lP84XqQ7xpBQ+JmQKxkATCvOlbtkQM7UktkxFY0E7sAGIy4:z+yQ5dP5qQLe8bedplbK73uWQLR4

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
9eddffc42b6130a69b168bf0723a3fda58fe7d9e22d8ba472560bca97713cdf6
unpack001/out.upx

Files

9eddffc42b6130a69b168bf0723a3fda58fe7d9e22d8ba472560bca97713cdf6
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 576KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 722KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 588KB - Virtual size: 584KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 440KB - Virtual size: 438KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ