b80e9f3cc30c000969b3ee90918820dae7b664ba09ae44bf43a33f24bddf665f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b80e9f3cc30c000969b3ee90918820dae7b664ba09ae44bf43a33f24bddf665f
Size

81KB
MD5

cf67a329ce6a0df0ad84ee37f3bdb0fb
SHA1

f8b5711d9f003370e4e577a32bb9038d790eed45
SHA256

b80e9f3cc30c000969b3ee90918820dae7b664ba09ae44bf43a33f24bddf665f
SHA512

dfcd74a895e162e6a59db7bba9a18c466962b1b39c962b68697a26801b7594fefbfaf044a52c8696fb935cf5b84134c749273d11b1b566b87a0c28b51e4ce5d4
SSDEEP

1536:SRegtAh/0DXiXx5PfMnpvjcA83dVlCOP9k+pc0rhA/lYIHOFMFB:SQgOabQz4vYA83dVlfPlpch/lPuIB

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b80e9f3cc30c000969b3ee90918820dae7b664ba09ae44bf43a33f24bddf665f
unpack001/out.upx

Files

b80e9f3cc30c000969b3ee90918820dae7b664ba09ae44bf43a33f24bddf665f
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ