276b0f07b8248b0b2d1f9d0b38004f296485f4905f949d468cc93998e136b589[.]exe | Triage

Sharing

General

Target

276b0f07b8248b0b2d1f9d0b38004f296485f4905f949d468cc93998e136b589.exe
Size

204KB
MD5

23cc1acc5a77b6ad2918de04af420a80
SHA1

dac5d9a895de36d1d0170cfbc72f2d8d79751877
SHA256

276b0f07b8248b0b2d1f9d0b38004f296485f4905f949d468cc93998e136b589
SHA512

528bbc3b509e001128c1de7d2e82064e8daf4f888b62b6e0917c6402d5b3970b678a9c64411a171edbb7f87c24f42a8cfe02cffc8608b89697db5863830c6db6
SSDEEP

3072:KQSo7Z54HZKMx4dhECVwQSo7Z54HZKMx4dhECV4:KQSoz4HUK4dh5wQSoz4HUK4dh54

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
276b0f07b8248b0b2d1f9d0b38004f296485f4905f949d468cc93998e136b589.exe
unpack001/out.upx

Files

276b0f07b8248b0b2d1f9d0b38004f296485f4905f949d468cc93998e136b589.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ