031d2aa9060606293d8d8e0e3f82ba6564ea5b0eb323814ed7264952f299b22b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

031d2aa9060606293d8d8e0e3f82ba6564ea5b0eb323814ed7264952f299b22b
Size

621KB
MD5

8e6a02692dccebcb6d3cff3194aa4e64
SHA1

5242f4027d8b469ed3c6fbeecb44132b67640c0a
SHA256

031d2aa9060606293d8d8e0e3f82ba6564ea5b0eb323814ed7264952f299b22b
SHA512

2cf26cef2292d7580101f3a7b86dc9dc7ec770ce0e1776994f8c31d47db94f82f744747c72667e4376f9ba4706da83fef2956152eba46e0965d0b56b2ec675e5
SSDEEP

12288:L8hn/QAuoiDa6n+ljpWjK8TJLz+cjWk9TfhKR5v+72L4AYLdPEm2kdFE:L70ipm0jmcSOhGA+uM6de

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
031d2aa9060606293d8d8e0e3f82ba6564ea5b0eb323814ed7264952f299b22b
unpack001/out.upx

Files

031d2aa9060606293d8d8e0e3f82ba6564ea5b0eb323814ed7264952f299b22b
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1024KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 574KB - Virtual size: 576KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ