3b32046c613078f4465671ad6dfa854a0acf9bbd9f375a30fb8c28ec5895d4b9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b32046c613078f4465671ad6dfa854a0acf9bbd9f375a30fb8c28ec5895d4b9
Size

1.9MB
MD5

52cfbba7ea38e03546a94378f0ad7618
SHA1

dceca39e64778b3f985e5035fa0bcacd22ccf274
SHA256

3b32046c613078f4465671ad6dfa854a0acf9bbd9f375a30fb8c28ec5895d4b9
SHA512

934591e2dc2b308a0b9484c2aa4dd22adaf9b117ecdd879ff02a41a72292732a4e7b667e397c3b24f5747dc81c9e1d9b1babf47456ffcb1e6f2e466eba553336
SSDEEP

49152:NyKxUOE0iqRr5JoL1vUNPc6EQ3twyDhBOz5cvtle7Pdy/oMV2PpJqK:vxLE0RRlJoR8NPc6EmSyrOz5c3qPdy/r

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
3b32046c613078f4465671ad6dfa854a0acf9bbd9f375a30fb8c28ec5895d4b9
unpack001/out.upx

Files

3b32046c613078f4465671ad6dfa854a0acf9bbd9f375a30fb8c28ec5895d4b9
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ