aa4a45d59215d88f5bbb79f4020cbb24cb9809b8d0c651eed9c4c9a44fe15267 | Triage

Sharing

General

Target

aa4a45d59215d88f5bbb79f4020cbb24cb9809b8d0c651eed9c4c9a44fe15267
Size

914KB
MD5

d314447bfe78be921cb5db03d138d5d2
SHA1

87ef7e53ba2b644a8638c9efd16ecaf445d393cc
SHA256

aa4a45d59215d88f5bbb79f4020cbb24cb9809b8d0c651eed9c4c9a44fe15267
SHA512

7207fc3560a459f6678e60af78de888fad5ae1dda7ebe37ffb1e4f3a921760ae67fe2a33279f5451820af6d51ba4c975d385abdbc879fbae833128a24b5ef151
SSDEEP

24576:wc5ndIGN7QDVHriGNdKY9AO+sCaqht2keZ1yugLYlr:t5nnQDVOTeAJr2keZsrYR

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
aa4a45d59215d88f5bbb79f4020cbb24cb9809b8d0c651eed9c4c9a44fe15267
unpack001/out.upx

Files

aa4a45d59215d88f5bbb79f4020cbb24cb9809b8d0c651eed9c4c9a44fe15267
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 902KB - Virtual size: 904KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 424KB - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ