12770128fe6e3209a94cd18952f4e7b38b5b8c5bdce82535dfd7f33d75f44625 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12770128fe6e3209a94cd18952f4e7b38b5b8c5bdce82535dfd7f33d75f44625
Size

20KB
MD5

e485718e36e0017ab6240aa4e19813c9
SHA1

282178021f9c014ca3d6e02c95b0734371c33ee2
SHA256

12770128fe6e3209a94cd18952f4e7b38b5b8c5bdce82535dfd7f33d75f44625
SHA512

baa39b56aabfb19b9741d80d4339965632d4a239a94955ed90d8f1b8c2f773adf1736ac6a172f9aaf5b2e6eb6211f9d4549dc49e3aa797b5f8d5327cb722af9b
SSDEEP

384:QOlIBXDaU7CPKK0TIhfJJcbQbf1Oti1JGBQOOiQJhAT17Jf:kBT37CPKKdJJcbQbf1Oti1JGBQOOiQJm

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
12770128fe6e3209a94cd18952f4e7b38b5b8c5bdce82535dfd7f33d75f44625
unpack001/out.upx

Files

12770128fe6e3209a94cd18952f4e7b38b5b8c5bdce82535dfd7f33d75f44625
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ