040678489eeda043b4298cf013497fa660d216b772270a6b986245c4b5b4ce76 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

040678489eeda043b4298cf013497fa660d216b772270a6b986245c4b5b4ce76
Size

4.5MB
MD5

4c9416fd60e5351e0a38dcf44eed6628
SHA1

0e711a77ecef01db62f7e75113a0ec5bf9b5ae1b
SHA256

040678489eeda043b4298cf013497fa660d216b772270a6b986245c4b5b4ce76
SHA512

6b6b6a34ab2d6eb0e1fcee2c7b9bb8a50bdaad2e869b39b382fa97d9a5aa5e79b5a781efbd1808604c6fd69dbf1602bf352806b44a8a3eb283c12ece80617689
SSDEEP

98304:Y+CV0/lWnBFCHWZU5pHuc9CBkvZcUf1apxMoRdK4rCw:Yr6/4BFpUOc9CBhQ1gxVRd3rC

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
040678489eeda043b4298cf013497fa660d216b772270a6b986245c4b5b4ce76
unpack001/out.upx

Files

040678489eeda043b4298cf013497fa660d216b772270a6b986245c4b5b4ce76
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 784KB - Virtual size: 784KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ