14fdf30032eeb7afff99551f1cb989d26f40cc2e61261686465f4c7b29d8b996 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14fdf30032eeb7afff99551f1cb989d26f40cc2e61261686465f4c7b29d8b996
Size

49KB
MD5

65eb8d3986316b96d06272ad0d532eda
SHA1

f21febbb559ce7f3924784d0c06d0fe5029d28a2
SHA256

14fdf30032eeb7afff99551f1cb989d26f40cc2e61261686465f4c7b29d8b996
SHA512

e03104a042a8b70d86b3e5d213198d02a2742b29a48dc997c15d26a8733256fffbac6fb9b355c37fd79bf7528fe9e7aa980fbbe93afb903545590e9f1b372560
SSDEEP

768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9HSTBT37CPKKdJJ1EXBwzEXBwdcMcI9HSx:CTW7JJ7T1SlTW7JJ7T1Sx

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
14fdf30032eeb7afff99551f1cb989d26f40cc2e61261686465f4c7b29d8b996
unpack001/out.upx

Files

14fdf30032eeb7afff99551f1cb989d26f40cc2e61261686465f4c7b29d8b996
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ