1d1d825f7463348106ac62bc16788bf224bfdbbde7ff44cddc5d2f451c413b87 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d1d825f7463348106ac62bc16788bf224bfdbbde7ff44cddc5d2f451c413b87
Size

810KB
MD5

701dfa103faddcee538dbc5640c8e368
SHA1

ff9a55e819d5535842e1ca0b841cc13130bf6d49
SHA256

1d1d825f7463348106ac62bc16788bf224bfdbbde7ff44cddc5d2f451c413b87
SHA512

0311e4c1b97cb6bdae87de6433ee59386208fd2363876d8c92e441cd25df844fd292b90cca6a2238e99630d8fe6f7ec3f323e401363d7bdbfc652d2fac150e27
SSDEEP

12288:r95ga4VATeAOlOlbVYgG4V1Ii/MW7aSpdQ2Pe0pxySu6kBlq/5b+Ndk3i/wC4na:p5g7V2+lOlbVtGQZpdOl6zBKDHwCH

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
1d1d825f7463348106ac62bc16788bf224bfdbbde7ff44cddc5d2f451c413b87
unpack001/out.upx

Files

1d1d825f7463348106ac62bc16788bf224bfdbbde7ff44cddc5d2f451c413b87
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ