982be62d234409280f0fce8768288045451a9f53ec648c21711bb9bf50aa42f8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

982be62d234409280f0fce8768288045451a9f53ec648c21711bb9bf50aa42f8
Size

192KB
MD5

4778b641f5615d10345594e7481f4000
SHA1

ad67da8d0124497c19e4b1c8534735da7f237a65
SHA256

982be62d234409280f0fce8768288045451a9f53ec648c21711bb9bf50aa42f8
SHA512

5cb526fa65681bed8893b7f9516b7b352ce27ff03ea29bed7dfbd7e3e30951dc7e0a2970ce96f3889ae71288a5d86b05f3f9e3d55f4b23e1771b8543023dab37
SSDEEP

3072:htE42FuK4+bE1F4c2L5x+S+oWnl5Q66cW6sz8aBlWhBm8quf:fE42FeFe9knrDnDdhTquf

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
982be62d234409280f0fce8768288045451a9f53ec648c21711bb9bf50aa42f8
unpack001/out.upx

Files

982be62d234409280f0fce8768288045451a9f53ec648c21711bb9bf50aa42f8
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ