323dfca2afc8b54ce3ad8528a2ef958c9e6325086ac7a3320ce744912df1295b[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

323dfca2afc8b54ce3ad8528a2ef958c9e6325086ac7a3320ce744912df1295b.exe
Size

2.7MB
MD5

2482e963af2238ef53fb09472c273a00
SHA1

0c0c185ed1c24b3316925994f701c2f095b09124
SHA256

323dfca2afc8b54ce3ad8528a2ef958c9e6325086ac7a3320ce744912df1295b
SHA512

ba3bf145d1b5218ebb16c9a4b3ea07ea7d87e170b991121d8a97f24b9c7c7aa044684e49f41ef17da936ab7cd60e47fa0881c43ed8e137d510bd742102cb7022
SSDEEP

24576:KInyDnqYYiUMzgv6x84HpfstUhS0U01ln/WVIYh3YFCWUeueqOsiHnLXU33P9sw9:KeyTWVMMvbWRcMj/zYh3EUeQnFsw8De

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
323dfca2afc8b54ce3ad8528a2ef958c9e6325086ac7a3320ce744912df1295b.exe
unpack001/out.upx

Files

323dfca2afc8b54ce3ad8528a2ef958c9e6325086ac7a3320ce744912df1295b.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ