1364c7eaaa2fe72a64cd03809c51f9ff132f2aa8d4550215f6a4219eadf84d0f | Triage

Sharing

General

Target

1364c7eaaa2fe72a64cd03809c51f9ff132f2aa8d4550215f6a4219eadf84d0f
Size

123KB
MD5

3bf499a58b3b624c9aa984b0fe6a6457
SHA1

eff4106047a2b6fe093f3a84b56d3570c964c53c
SHA256

1364c7eaaa2fe72a64cd03809c51f9ff132f2aa8d4550215f6a4219eadf84d0f
SHA512

9f44a10e806108ce9d2642c65ed5dc0ca58ab1259ccf8450123e796e5881fd37bdd7d5f296090b39cdac73f82391602abce8fa60e7ca800b873d568fb54efccd
SSDEEP

1536:CTWn1++PJHJXA/OsIZfzc3/Q8Q8/8RYlaaGaa1TWn1++PJHJXA/OsIZfzc3/Q8Qi:KQSoskRYsQSoskRYT

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
1364c7eaaa2fe72a64cd03809c51f9ff132f2aa8d4550215f6a4219eadf84d0f
unpack001/out.upx

Files

1364c7eaaa2fe72a64cd03809c51f9ff132f2aa8d4550215f6a4219eadf84d0f
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ