f29_cpk[.]zip | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

f29_cpk.zip
Size

1.2MB
MD5

a3924eb1075b4fd93fe09bb6c3be5e4c
SHA1

d3a6adaf63be8a8172eb9b61321c9739ba0194d5
SHA256

7ba6798f10928a4071da53c59b9601d3a817e74395396cb700af4e5f8764b43e
SHA512

f6a9ba21c86dd5869bf20e905203f57df76820722839fb937ec8c6705cbac6c45322902c5e434ffcd6a285ad5c26a3f8edbbb1180772b11c16dd0cfc68e74bf7
SSDEEP

24576:t0SfRMV66hTGWRjrT/NpjhZHXK8zlQB/88Lod75TPJv0QlpT:thf1UGWRjrBpjh5XjhUoB5TPJtlpT

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/cpk/cpk.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cpk/cpk.exe
unpack002/out.upx

Files

f29_cpk.zip
.zip
cpk/Readme.txt
cpk/alarm.wav
cpk/cpk.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 2.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 761KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 617KB - Virtual size: 617KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cpk/cpk.ini

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.8MB

UPX1 Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 104KB - Virtual size: 108KB

Headers

File Characteristics

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.data Size: 123KB - Virtual size: 123KB

.rdata Size: 761KB - Virtual size: 760KB

.bss Size: - Virtual size: 32KB

.CRT Size: 512B - Virtual size: 12B

.idata Size: 13KB - Virtual size: 12KB

.rsrc Size: 617KB - Virtual size: 617KB

/4 Size: 512B - Virtual size: 20B

UPX0
Size: - Virtual size: 2.8MB

UPX1
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 104KB - Virtual size: 108KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 123KB - Virtual size: 123KB

.rdata
Size: 761KB - Virtual size: 760KB

.bss
Size: - Virtual size: 32KB

.CRT
Size: 512B - Virtual size: 12B

.idata
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 617KB - Virtual size: 617KB

/4
Size: 512B - Virtual size: 20B