16232aec899ad1f1c2f1078b066796a39a364b0a2eb7f0e33f28515ec945c06c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16232aec899ad1f1c2f1078b066796a39a364b0a2eb7f0e33f28515ec945c06c
Size

1.6MB
MD5

0bd316020181aabf52e4bd6dcd0ca81c
SHA1

eddd7f2caee7c0f8cf5b2d3499b01ef6685224af
SHA256

16232aec899ad1f1c2f1078b066796a39a364b0a2eb7f0e33f28515ec945c06c
SHA512

368bdf0fcdfadd5e3cdf81e2d7f30c8f048a214c83f21ba67f3dc53ba6de1de54dab97ccd688dc3d155f0adc0a31f94cd0dca5fe80934f5714f933c44f196a67
SSDEEP

49152:LaCAY17b4yWUJJVi/3Lh6D6AT9uAP+7+eTTeb1FLBQ086UY:e017b4d6Di/396D5cE2TTeb1FLBQ0

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
16232aec899ad1f1c2f1078b066796a39a364b0a2eb7f0e33f28515ec945c06c
unpack001/out.upx

Files

16232aec899ad1f1c2f1078b066796a39a364b0a2eb7f0e33f28515ec945c06c
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ