d66453fff9d2fa0efdb34012a900cd51e6e6e8afc9b146bbb1fdbcd6e7c6ecb2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d66453fff9d2fa0efdb34012a900cd51e6e6e8afc9b146bbb1fdbcd6e7c6ecb2
Size

1.7MB
MD5

1ae7c5f7b263780ddb3a9f9a9fa31224
SHA1

c67a38569e2587f7394eaf7b71caa7f1cbd46e66
SHA256

d66453fff9d2fa0efdb34012a900cd51e6e6e8afc9b146bbb1fdbcd6e7c6ecb2
SHA512

a3b1271d05514877c520aedcdda1c17b47286b91cba4ef903b63b276cc696f9d08109ea397c6d69a9feaf39942154ea70320241c805422143e475c513d0429e5
SSDEEP

49152:gNu0EfVxZduP/npXQn8faKShExrS359MEdl:gNuLypXQchxrSJ9tl

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
d66453fff9d2fa0efdb34012a900cd51e6e6e8afc9b146bbb1fdbcd6e7c6ecb2
unpack001/out.upx

Files

d66453fff9d2fa0efdb34012a900cd51e6e6e8afc9b146bbb1fdbcd6e7c6ecb2
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 880KB - Virtual size: 876KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ