37142f1da85813c3a91dfce2c20e1787d0a67565a8a64332306c88af3c7ffab7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37142f1da85813c3a91dfce2c20e1787d0a67565a8a64332306c88af3c7ffab7
Size

3.4MB
MD5

88fd5080498cc3370e948da2f96eed45
SHA1

59770bebb63f4a9c2c8e67316b27a754ae2930e1
SHA256

37142f1da85813c3a91dfce2c20e1787d0a67565a8a64332306c88af3c7ffab7
SHA512

881554f1eb32d63aeab588b10bb47b6fb0d4d45f453a015c170c7a6caafbaa785d1fd87df0560b4d5545372551071a090841e550fc71a90427b67d708dc0899a
SSDEEP

98304:MOUUHwYckPnFrywoYPzTe5RaBrc3YJ5wpLu:MpUHwYjgG76esy

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
37142f1da85813c3a91dfce2c20e1787d0a67565a8a64332306c88af3c7ffab7
unpack001/out.upx

Files

37142f1da85813c3a91dfce2c20e1787d0a67565a8a64332306c88af3c7ffab7
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 420KB - Virtual size: 417KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ