029a54f9f53a2be02f118b7cf4e05be7e679d7c0fe4214587a6a4b05235df770 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

029a54f9f53a2be02f118b7cf4e05be7e679d7c0fe4214587a6a4b05235df770
Size

30KB
MD5

913d8f12a6f1252ac0033094d250a8d3
SHA1

941eef47f89c8507663f7f04077515c63754d4e5
SHA256

029a54f9f53a2be02f118b7cf4e05be7e679d7c0fe4214587a6a4b05235df770
SHA512

76fd6c94bde534ed327bf6f126435d5fbb67e17a105e368c2c909838193636522984a01223c4bcbe8fa5a9e49fd502673f9e59571fbd54e11d5667db66fcceaa
SSDEEP

768:kBT37CPKKdJJ1EXBwzEXBwdcMcI9ZJ3RL:CTW7JJ7TzJJ

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
029a54f9f53a2be02f118b7cf4e05be7e679d7c0fe4214587a6a4b05235df770
unpack001/out.upx

Files

029a54f9f53a2be02f118b7cf4e05be7e679d7c0fe4214587a6a4b05235df770
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ