b39ff6d5d305fc78ea29bc7ca7a60d8788e07af79beadb6a80912c36cc4e5ea7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b39ff6d5d305fc78ea29bc7ca7a60d8788e07af79beadb6a80912c36cc4e5ea7
Size

412KB
MD5

a486bb349ecd1c86f780ec491906169c
SHA1

8a56ddf021596f722d7833e0194458e77e51716e
SHA256

b39ff6d5d305fc78ea29bc7ca7a60d8788e07af79beadb6a80912c36cc4e5ea7
SHA512

cd8b24dd70e0af67c94bc6e5fd7d9428ab404caccc96b56e77a90c18041d897d9a5cf52d1705cf4f5ae5696f258fc77be458c77d3d55c4add6da0e8c5f6a2d84
SSDEEP

6144:KQSoFceamzEWtP2nPU1ier+xmCH2KbBS81efEQ2p7K1K3wWwzx:KQtarmP+R6KoffEQGK1Nx

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b39ff6d5d305fc78ea29bc7ca7a60d8788e07af79beadb6a80912c36cc4e5ea7
unpack001/out.upx

Files

b39ff6d5d305fc78ea29bc7ca7a60d8788e07af79beadb6a80912c36cc4e5ea7
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ