c8bc29913b6d5777c72e004867af63715423b593b50556c28dc6f37b470d3e07 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8bc29913b6d5777c72e004867af63715423b593b50556c28dc6f37b470d3e07
Size

585KB
MD5

5c9263fbfa9e24dccbb3f1385174b193
SHA1

53478bd4943fa72489b9fe19a6b8aef0d5c00ac6
SHA256

c8bc29913b6d5777c72e004867af63715423b593b50556c28dc6f37b470d3e07
SHA512

0383754563f81a907192a98690cd543b26855bc2cb457b81b2372d06535ed85ea3017e974956d8f82a715e4320f0a1fe20d06cab845a0f61225f23ffa622c36a
SSDEEP

12288:v9SpyAOb4f+kUN3HFrW1OlfbsqTsa2J403gWBME+BjcC6Ijh9v:5AOFkE3lrGOlfZJ2e03gWBMh9v

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
c8bc29913b6d5777c72e004867af63715423b593b50556c28dc6f37b470d3e07
unpack001/out.upx

Files

c8bc29913b6d5777c72e004867af63715423b593b50556c28dc6f37b470d3e07
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 872KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 510KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 932KB - Virtual size: 929KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ