b970a7f5e0884bb7e0f40ad911fe43c171623771a2535ea350374541a76a191d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b970a7f5e0884bb7e0f40ad911fe43c171623771a2535ea350374541a76a191d
Size

679KB
MD5

5c4738b7da01683d5242930300d69369
SHA1

defae7ba4759121fa2db350648783f2a6410906b
SHA256

b970a7f5e0884bb7e0f40ad911fe43c171623771a2535ea350374541a76a191d
SHA512

19f333f4c764e312907414994fc53cecf65fb29507611757ef3ae4a00a1366d363f7a4c7de65294eb1f5f89919bde78ee00377f27ea9d380b2c98135e77adb6f
SSDEEP

12288:oe1GT+lb8YIGtE8Y/gqgdJLcNqDyMG2xJeKo3jGRcTnnmvK9LBV:oe1GTU8YxtE8Yoq3NbMLxJenjG6TnY+N

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b970a7f5e0884bb7e0f40ad911fe43c171623771a2535ea350374541a76a191d
unpack001/out.upx

Files

b970a7f5e0884bb7e0f40ad911fe43c171623771a2535ea350374541a76a191d
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 653KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 492KB - Virtual size: 491KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 404KB - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ