General
-
Target
4b1e798f2f5db46ae9ccbc7af03847a474bd7634f6f4bf08d95c3587bf0df83bN.exe
-
Size
111KB
-
MD5
cf152fcd188136f3801b93ddff701210
-
SHA1
477aef7a068e5ccda2c40c9f026430045d2efda7
-
SHA256
4b1e798f2f5db46ae9ccbc7af03847a474bd7634f6f4bf08d95c3587bf0df83b
-
SHA512
3165860c2c3cc4c234345101fde5a1a48e15df91b107a2413c3ee66e5bd07d1ec70aea52760c5706df4c3ff9ebb5611b0a98ffd9c585645d4d024f678ab5df31
-
SSDEEP
3072:bROzoTq0+RO7IwnYLdxZ4j8givE8hcRoAq:dkdNwBg4j8gisjoAq
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 4b1e798f2f5db46ae9ccbc7af03847a474bd7634f6f4bf08d95c3587bf0df83bN.exe unpack001/out.upx
Files
-
4b1e798f2f5db46ae9ccbc7af03847a474bd7634f6f4bf08d95c3587bf0df83bN.exe.exe windows:10 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 120KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 52KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:10 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.code Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 37KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ