cb5bd422f47de92a918c31e899a1d31939b3a4d61cbf44585f48c1fb0fc290ab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb5bd422f47de92a918c31e899a1d31939b3a4d61cbf44585f48c1fb0fc290ab
Size

150KB
MD5

b29dac274e25481734df51f7eb19b38b
SHA1

a4ef3d67432c739256f25731c3fa900b7ce006c9
SHA256

cb5bd422f47de92a918c31e899a1d31939b3a4d61cbf44585f48c1fb0fc290ab
SHA512

83bba3efdaa090659483bf81d26eef52e80115c4d53b9a6bc3b5e23df6403f62e85cea1f82f5c68a298e62936c94e943741d4f5f0f0ead8b2af8f328e96f7956
SSDEEP

1536:CTWn1++PJHJXA/OsIZfzc3/Q8zxY5eYAWmthlfEwOxW3o/v7V+v/v7V+X:KQSox5ol8wOgobabY

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
cb5bd422f47de92a918c31e899a1d31939b3a4d61cbf44585f48c1fb0fc290ab
unpack001/out.upx

Files

cb5bd422f47de92a918c31e899a1d31939b3a4d61cbf44585f48c1fb0fc290ab
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ