183ec2f8ddf7c9887e2f4e8d60ec6d72fd4ca74c95cb58fff185c692d138d4afN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

183ec2f8ddf7c9887e2f4e8d60ec6d72fd4ca74c95cb58fff185c692d138d4afN
Size

56KB
MD5

110c09b2db015ce198b2f6f98dd32d90
SHA1

c21e22c63d6bce4e6d307106d368b54ad525b09f
SHA256

183ec2f8ddf7c9887e2f4e8d60ec6d72fd4ca74c95cb58fff185c692d138d4af
SHA512

ed2ebe7d192f205feddfa3db718f50dae32dbd7fa856d4fcf3559b4036eac9d621469e9a71a81e00d20ec6416e11b5989f6313ff971a753d7272459d102f9d6f
SSDEEP

768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9woOzOuiJfoOzOuiJf/BT37CPKKdJJ1EXBwzM:CTW7JJ7T4M6TW7JJ7T4MY

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
183ec2f8ddf7c9887e2f4e8d60ec6d72fd4ca74c95cb58fff185c692d138d4afN
unpack001/out.upx

Files

183ec2f8ddf7c9887e2f4e8d60ec6d72fd4ca74c95cb58fff185c692d138d4afN
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ