312a7c16dc620c66bae6e36977363e26fd78ae745ee8e8d839b38b7c50a316d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

312a7c16dc620c66bae6e36977363e26fd78ae745ee8e8d839b38b7c50a316d1
Size

6.4MB
MD5

b7dc7e2b1169f011c09f827336f59bf2
SHA1

1a1a93625a85b4ba3f3aae8694b059e98a7bcf86
SHA256

312a7c16dc620c66bae6e36977363e26fd78ae745ee8e8d839b38b7c50a316d1
SHA512

2f0e8329bd9c218d19ba4c2656491f772db5a064881f67ac2c434c57f70cb9de639a39215eb190f308bce4c1bd0e3c40f7f49b44bcc106521ba93c1807aa6fc3
SSDEEP

196608:gPsleg7A4b8BJBQ6OPx+ygJElchd80luxkBB:FWeOEpgeRxWB

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
312a7c16dc620c66bae6e36977363e26fd78ae745ee8e8d839b38b7c50a316d1
unpack001/out.upx

Files

312a7c16dc620c66bae6e36977363e26fd78ae745ee8e8d839b38b7c50a316d1
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.5MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ