1911854bde8100b548f7d1fb4f851c6c78c55bf140d3cb0901d551771aca74de | Triage

Sharing

General

Target

1911854bde8100b548f7d1fb4f851c6c78c55bf140d3cb0901d551771aca74de
Size

149KB
MD5

15b834f89cee6531516b2abb6dff82d4
SHA1

ac6dcc6a5c26ca9eb52db3a9868fb5e43d66dc7b
SHA256

1911854bde8100b548f7d1fb4f851c6c78c55bf140d3cb0901d551771aca74de
SHA512

a2afdc9c9927d68ddd1cb4dcb74a7d18777601fe111598460a568c0e14f7d1b63f5921eb76328c59ee883d5182ae62bd84aa2f66a8ed7d3712b64b8476d45b65
SSDEEP

1536:HpHXCZBt8mfEp6GryhOm6+ekTmsZ00aYftIXLUGjZgqjT1oqAkFqtlgzMSjnUAUT:hqj8m8Jpm6+eN0aOGisBoqCtGyAuWxAN

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
1911854bde8100b548f7d1fb4f851c6c78c55bf140d3cb0901d551771aca74de
unpack001/out.upx

Files

1911854bde8100b548f7d1fb4f851c6c78c55bf140d3cb0901d551771aca74de
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 44KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ