9ef9766d4e95981965bf68f490ad4a7af151fa674dd223f21e5dfc0fedb45083N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9ef9766d4e95981965bf68f490ad4a7af151fa674dd223f21e5dfc0fedb45083N
Size

115KB
MD5

4fd6396b5dd23eb4899cec96add22480
SHA1

f508b131025393619cd93a7ac10cace495bd560a
SHA256

9ef9766d4e95981965bf68f490ad4a7af151fa674dd223f21e5dfc0fedb45083
SHA512

4d320e368830e6c4f3c5c2a1814714eb413706021ac2ddc183e940ce665b9af80d437f13b971f96dab63fb6666c6378003a56713516beca3dc8e2a0ba725ed9c
SSDEEP

3072:hJT0T+9iMGfUSaOy9SnJUwFU+FUhFUeFUXFUqyqKRrpF6PwD:zYi9iMGsSaOyi0

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
9ef9766d4e95981965bf68f490ad4a7af151fa674dd223f21e5dfc0fedb45083N
unpack001/out.upx

Files

9ef9766d4e95981965bf68f490ad4a7af151fa674dd223f21e5dfc0fedb45083N
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ