2e2a1d4440ba3769548d0820b0f1d375371081983c1b8a4c67bc52f0bd987097 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e2a1d4440ba3769548d0820b0f1d375371081983c1b8a4c67bc52f0bd987097
Size

5.0MB
MD5

311a3df057d391873ad99d13314a5b5b
SHA1

f58743779f9f7d5e5a66cf1c9b2adb5a728add88
SHA256

2e2a1d4440ba3769548d0820b0f1d375371081983c1b8a4c67bc52f0bd987097
SHA512

b6d19bd0bfdf526d6d386bf5c7d35501d37b08870d5a8d709bfa3fc5fc2f4dfb445ae1cf2e05d7624edffd3eaabae72f65a5e989184e7edd56855dde6cead05e
SSDEEP

98304:gPhzeleh27J711p+X5qSy7+EOa/qfp+wBc7r6OPx+KrCSzEtJElcok4KKjbPWEo3:gPsleg7A4b8BJBQ6OPx+ygJElchd80lL

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2e2a1d4440ba3769548d0820b0f1d375371081983c1b8a4c67bc52f0bd987097
unpack001/out.upx

Files

2e2a1d4440ba3769548d0820b0f1d375371081983c1b8a4c67bc52f0bd987097
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.5MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ