7203b5c4f3b3a61c85219f0f1ab42eb28e7719711d64c23757d91c8bf8d1c87c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7203b5c4f3b3a61c85219f0f1ab42eb28e7719711d64c23757d91c8bf8d1c87c
Size

74KB
MD5

543eb0eb23575cf7b3cfd447a5f24d88
SHA1

1837b0e501f3a3d154530882e7b387b7fb3b9a56
SHA256

7203b5c4f3b3a61c85219f0f1ab42eb28e7719711d64c23757d91c8bf8d1c87c
SHA512

086e99e7c371452bcde0520498523929af10899aac2d42e2e19510a972578e078d5fe218b0036384a0d1792137bc332bfbee7554775f23641db053f192a9c613
SSDEEP

1536:CTW7JJTU3UytJfOEfmKjfmK9TW7JJTU3UytJfOEfmKjfmKopF:h3bpF

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
7203b5c4f3b3a61c85219f0f1ab42eb28e7719711d64c23757d91c8bf8d1c87c
unpack001/out.upx

Files

7203b5c4f3b3a61c85219f0f1ab42eb28e7719711d64c23757d91c8bf8d1c87c
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ