416297b16188772a920ab6f4f3b95ca03ca0e34365edad527ceb0b555b2e3d8cN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

416297b16188772a920ab6f4f3b95ca03ca0e34365edad527ceb0b555b2e3d8cN
Size

3.0MB
MD5

16aa5ed06bbec64769c2604531e2fe10
SHA1

c36e6ed5b7c73d524b47693276dc75ed76d913f7
SHA256

416297b16188772a920ab6f4f3b95ca03ca0e34365edad527ceb0b555b2e3d8c
SHA512

5573b522685b9f968ffb2398394085fdaab973de3012742e1179d6cf4c65946e7332097020a66338d04daefd576866a611d8044960ea75806368cbc2cfeb695b
SSDEEP

24576:utLmio+q2GW6nKAv+7eQwg1wghQ6CzIRxVCeIwpX+SGzqYF8RhgS3t/1p/wgOejO:uo+qFv+7e6w4VCkpX+btF8RfnrPZPE

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
416297b16188772a920ab6f4f3b95ca03ca0e34365edad527ceb0b555b2e3d8cN
unpack001/out.upx

Files

416297b16188772a920ab6f4f3b95ca03ca0e34365edad527ceb0b555b2e3d8cN
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ