2d32f48e9f45c8549914ad1bf21d96d1898530b744b498e0712ba89fc03b02a4[.]exe | Triage

Sharing

General

Target

2d32f48e9f45c8549914ad1bf21d96d1898530b744b498e0712ba89fc03b02a4.exe
Size

212KB
MD5

4aab68bb121b16a741376ec12a03d4db
SHA1

db3dbeb6df763d0d79549f2d64477129332bee37
SHA256

2d32f48e9f45c8549914ad1bf21d96d1898530b744b498e0712ba89fc03b02a4
SHA512

6e1f59445b919633903dc61b022ad8616e53abbcb081730b97b124f7e5192aa698b7a1fb7d556a04a202c9f7cec773f2a17d132b2c0d3b8964d4b65237f1d1da
SSDEEP

3072:hwV4OgSzBmh04eZFkz3Rr0gwGj9Tf874t6VoNKFlYp5gkKkc9:hMzzILGFkzhr0pGj9ok6ViKFlXkKkM

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2d32f48e9f45c8549914ad1bf21d96d1898530b744b498e0712ba89fc03b02a4.exe
unpack001/out.upx

Files

2d32f48e9f45c8549914ad1bf21d96d1898530b744b498e0712ba89fc03b02a4.exe
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 232KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 343B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ