dcd7deed94fd8bf30623b20730e8676c4ca4cf75a0f95576b8dd1b421e644a75 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dcd7deed94fd8bf30623b20730e8676c4ca4cf75a0f95576b8dd1b421e644a75
Size

4.8MB
MD5

d17b806659961835c9a03d48b5b97696
SHA1

afcc71d85073d100c251e8b986635e6c45979e95
SHA256

dcd7deed94fd8bf30623b20730e8676c4ca4cf75a0f95576b8dd1b421e644a75
SHA512

122ce1355c4de870b6aefea1402cee2618aec9264c9f9c40fa468bddfa950f5194aa74cbeedc3c69377c5cb411c485798df0846fe6fe0c4ab5aa3e1993d4f32f
SSDEEP

98304:+2HznJX9A/rtunuq7azcUiL9pZ/m+8l+Em2YkcnHc/9jkcR3JVasiE3KjqT2+xFn:+IzJNAjtunuaawXY+F8cnHwKcNiE3goc

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
dcd7deed94fd8bf30623b20730e8676c4ca4cf75a0f95576b8dd1b421e644a75
unpack001/out.upx

Files

dcd7deed94fd8bf30623b20730e8676c4ca4cf75a0f95576b8dd1b421e644a75
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 708KB - Virtual size: 707KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ