fd064d42d8f3ded136e7f7259f8aab124f8b86ac86cdd6ecb02e3de4e3d93822N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd064d42d8f3ded136e7f7259f8aab124f8b86ac86cdd6ecb02e3de4e3d93822N
Size

28KB
MD5

01281d2223753298ddd1e187d749ef70
SHA1

85654b90913370bb3879bfe5966169e1d4ffeb76
SHA256

fd064d42d8f3ded136e7f7259f8aab124f8b86ac86cdd6ecb02e3de4e3d93822
SHA512

8ef0fd09dde72e285ae3384070a79acd743d06675df5b82a898b1d3b8470389edc2cf81cfc51d1dd3eeab06a2fee9b53d9d55a63d6edcae0b5c2344bd95d85d3
SSDEEP

768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9vJpZu/JpZuq:CTW7JJ7TpJpZu/JpZuq

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
fd064d42d8f3ded136e7f7259f8aab124f8b86ac86cdd6ecb02e3de4e3d93822N
unpack001/out.upx

Files

fd064d42d8f3ded136e7f7259f8aab124f8b86ac86cdd6ecb02e3de4e3d93822N
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ