6f7723dc3e2a69b85ff39a0ade4075aeaef6cd2b2e47597593aa1dcd9427a641 | Triage

Sharing

General

Target

6f7723dc3e2a69b85ff39a0ade4075aeaef6cd2b2e47597593aa1dcd9427a641
Size

1023KB
MD5

ac9f1795953233eeae36663a7c63cde2
SHA1

4c20b9eb2224656e304366bd2545803e7a80015a
SHA256

6f7723dc3e2a69b85ff39a0ade4075aeaef6cd2b2e47597593aa1dcd9427a641
SHA512

970fc82c92085e02a7f6b80d1710e600f1a044e0b90c221b678eaeb2e31943610e9f04f4cfaa8f5522b6c2ad53b40c3c8c63e52a07d403b8b67eb0d9f6abe8e4
SSDEEP

24576:fkxiXgtYCDRmgglK3FtMRBli1QoG7vLiHLXW9j3HyLEtgA63XK:fkx9tDm+nk/J+Xu3HyYgR36

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
6f7723dc3e2a69b85ff39a0ade4075aeaef6cd2b2e47597593aa1dcd9427a641
unpack001/out.upx

Files

6f7723dc3e2a69b85ff39a0ade4075aeaef6cd2b2e47597593aa1dcd9427a641
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1014KB - Virtual size: 1016KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 748KB - Virtual size: 744KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1004KB - Virtual size: 1001KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ