e238192f91380f2c9bdffb76918b0dbf601ee136db6dea7e462c4e9b334d4f97 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e238192f91380f2c9bdffb76918b0dbf601ee136db6dea7e462c4e9b334d4f97
Size

517KB
MD5

b37dbef7595b5a4bec658258e3144fa9
SHA1

e1fde5887985662a03aa68c53d61d11f89b342f2
SHA256

e238192f91380f2c9bdffb76918b0dbf601ee136db6dea7e462c4e9b334d4f97
SHA512

46f7ac1d54b907d476c6829db87079f9c798367e01c5f8f8f963715e186a28c956d0a2c2b887abeaedbbddf6004e358b8ee2746aae220b5deddf932ea404518b
SSDEEP

6144:KQSot2v4oAnjyDdU1sL8Lsw9g09Bp0cV07nNoTWwanx:KQtt2vvy+mm8YwBm7fnx

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
e238192f91380f2c9bdffb76918b0dbf601ee136db6dea7e462c4e9b334d4f97
unpack001/out.upx

Files

e238192f91380f2c9bdffb76918b0dbf601ee136db6dea7e462c4e9b334d4f97
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ