92ec9fef389ef21203bb7c968de4df94b1f54b416240e3be5f40a57947e6a7bfN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

92ec9fef389ef21203bb7c968de4df94b1f54b416240e3be5f40a57947e6a7bfN
Size

40KB
MD5

bf5ec1d25e2a9709d57ae6583b611e20
SHA1

b117a562aee2c62636c6d6ff4fb3306069206599
SHA256

92ec9fef389ef21203bb7c968de4df94b1f54b416240e3be5f40a57947e6a7bf
SHA512

db256a2a224a2427dcea0c70bacfc4906e7edc97d11a1bcfbc5d07b966e70a9953cad9a37bdca14eb9141eb1fa2583e850d86bc7e072494201fa9a1fa3ab70cc
SSDEEP

768:kBT37CPKKdJJcbQbf1Oti1JGBQOOiQJhATBHfBo8o3PVKLOpWGX:CTW7JJZENTBHfiPA8WW

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
92ec9fef389ef21203bb7c968de4df94b1f54b416240e3be5f40a57947e6a7bfN
unpack001/out.upx

Files

92ec9fef389ef21203bb7c968de4df94b1f54b416240e3be5f40a57947e6a7bfN
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ