751daac626833ee1d953f9d637b21a779c6427054e7b9b7750cb15e684ee233e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

751daac626833ee1d953f9d637b21a779c6427054e7b9b7750cb15e684ee233e
Size

156KB
MD5

0e982c1d1f44735271b32f639e625715
SHA1

cad834324f211ed2a07f0ae1c815b89a7a7b43a4
SHA256

751daac626833ee1d953f9d637b21a779c6427054e7b9b7750cb15e684ee233e
SHA512

b14db44282af4613cc47c9c3b240e2641fb6e242d6794a5998d6cebe9f849c3aa7e814f1580495f25cf4574ce651a47c585c1769294b47b8415d7e67dc77bf6c
SSDEEP

1536:CTWn1++PJHJXA/OsIZfzc3/Q8zxY5w4pWHlPEXZzjUq3th5f6utM5vLNinVmWvMS:KQSox5bWHIjN3tj6qnv0b2UrXkbvLh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
751daac626833ee1d953f9d637b21a779c6427054e7b9b7750cb15e684ee233e
unpack001/out.upx

Files

751daac626833ee1d953f9d637b21a779c6427054e7b9b7750cb15e684ee233e
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ