72476bcd5b368aecf90099ed546ce5ed9c26bd890cd7e3d4e7f5e07713c94479 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72476bcd5b368aecf90099ed546ce5ed9c26bd890cd7e3d4e7f5e07713c94479
Size

5.5MB
MD5

746ccdc6a17d4d0c8371bc2803b0747e
SHA1

df7b13de10d68becf6182499f8992bc06e340b83
SHA256

72476bcd5b368aecf90099ed546ce5ed9c26bd890cd7e3d4e7f5e07713c94479
SHA512

d00449cea7eac3156fbb1b5d495a22ac9e8b6a1c75d2e2ea057aff66e728ef7688c01430d05b71a3bd092391512102fca0e67917967aed29a7fce53a0ec29dbd
SSDEEP

98304:WGzgrBKf843r5kAmR/bDq5BtD8y8soVkTsfUs2B51Zv+hxoZ6tQvNfXfhWKT/YBl:Mcf84b5CR/qDfBWkgj2BVw2BjTQvv

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
72476bcd5b368aecf90099ed546ce5ed9c26bd890cd7e3d4e7f5e07713c94479
unpack001/out.upx

Files

72476bcd5b368aecf90099ed546ce5ed9c26bd890cd7e3d4e7f5e07713c94479
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 743KB - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 888KB - Virtual size: 885KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 412KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ