8f7e12a4020da226bd93b1bfea984fd2ebca1ff32f98ef1e3581837fb5246803 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f7e12a4020da226bd93b1bfea984fd2ebca1ff32f98ef1e3581837fb5246803
Size

815KB
MD5

47983eb929faff12e7f2cb7ad3413edc
SHA1

2cecb195af36649d227156318b84ecf43f0bd070
SHA256

8f7e12a4020da226bd93b1bfea984fd2ebca1ff32f98ef1e3581837fb5246803
SHA512

cff5dffd38f482b9b553552c0d78e4b432ccd43dbd16ad8c5dde92a774ca7f88afae55c640081abf627457144621ffae1481ac3f66e726ae77ae18bd9f7abeba
SSDEEP

12288:CNspzoDLqIFAtMpXfP5bpfQ+ovv3b+cpVvAe+vJhEZDdvwKVGwtrWpeaOJfzBKQu:URFKgX5bS/b+cpVYaRI2Guh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
8f7e12a4020da226bd93b1bfea984fd2ebca1ff32f98ef1e3581837fb5246803
unpack001/out.upx

Files

8f7e12a4020da226bd93b1bfea984fd2ebca1ff32f98ef1e3581837fb5246803
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 988KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 721KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 832KB - Virtual size: 831KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 408KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ