c7c302088696bc5bcf3a80daa22427b2836067ceccc96477b0d625a2cf65b117 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7c302088696bc5bcf3a80daa22427b2836067ceccc96477b0d625a2cf65b117
Size

146KB
MD5

3447c9009711d427febf93ca8bbb0f83
SHA1

d2747717e923303079081ea7434fd7cca4c77a73
SHA256

c7c302088696bc5bcf3a80daa22427b2836067ceccc96477b0d625a2cf65b117
SHA512

1f488b22062337abbdf91f0587dfbc3ffaa6e6a57639a87e9ce09f1040fc819a0d4d4f8bec8a2c10c5ba55bb4e816397c8b8447e2748c5bf6b2f835e3ef898e0
SSDEEP

3072:KQSohsUsxe+erZLZ0G679tBK87jxevj1wecgmbqlb:KQSohsUsxe+eW9tBNxe7Ua

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
c7c302088696bc5bcf3a80daa22427b2836067ceccc96477b0d625a2cf65b117
unpack001/out.upx

Files

c7c302088696bc5bcf3a80daa22427b2836067ceccc96477b0d625a2cf65b117
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ