55b44ab8cf3fbbc928d18575e7c9eb7f6199baf658b3ebf14c4c13dad07ec2dfN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

55b44ab8cf3fbbc928d18575e7c9eb7f6199baf658b3ebf14c4c13dad07ec2dfN
Size

188KB
MD5

bc8407efaec8d695e5296867905536d0
SHA1

2e616cb8973973030cada9807091ba9ef16c1d98
SHA256

55b44ab8cf3fbbc928d18575e7c9eb7f6199baf658b3ebf14c4c13dad07ec2df
SHA512

434856286d6fb9c1c9bd54f22a632f68145508d58030ff5771198753e0d4cd3b0d755b39697522e7408c9397cbf97d8a9a3d23b675e980a93640958110035ac5
SSDEEP

3072:htE42FuK4+bE1F4c2L5x+S+oWnl5Q66cW6sz8aBlWhBm8qu0:fE42FeFe9knrDnDdhTqu0

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
55b44ab8cf3fbbc928d18575e7c9eb7f6199baf658b3ebf14c4c13dad07ec2dfN
unpack001/out.upx

Files

55b44ab8cf3fbbc928d18575e7c9eb7f6199baf658b3ebf14c4c13dad07ec2dfN
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ