1da8dd8e9713f346653a4ee682f62f915a833db3400cdee626087f3a0c00e74eN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1da8dd8e9713f346653a4ee682f62f915a833db3400cdee626087f3a0c00e74eN
Size

215KB
MD5

27ebb6f6cf351086abd8d1afe5090dd0
SHA1

725fe914c9aee0b0ef33ceacf8bb779837677061
SHA256

1da8dd8e9713f346653a4ee682f62f915a833db3400cdee626087f3a0c00e74e
SHA512

2e8f620f6fffe316ddb399f095b56b24450c7e06c6845c5c96aacb51ecd32180e80d382187a55f04f6a11cc4f1f1a0f19a859cf86023b441bda95573b9ad6abc
SSDEEP

6144:u/ACraNCraNCraK5GR5GR5GR5GR5GrDIEd:uzaKaKawSSSSdEd

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
1da8dd8e9713f346653a4ee682f62f915a833db3400cdee626087f3a0c00e74eN
unpack001/out.upx

Files

1da8dd8e9713f346653a4ee682f62f915a833db3400cdee626087f3a0c00e74eN
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 16.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.bss
Size: - Virtual size: 16.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE