314f0b21f24f66667f7368e97ab3074508efe5ee811e5984ab4d884fccdc6f3b | Triage

Sharing

General

Target

314f0b21f24f66667f7368e97ab3074508efe5ee811e5984ab4d884fccdc6f3b
Size

737KB
MD5

091594da96c121bd3e18c5a85bfe27c1
SHA1

2e67b46334e1b1aae5c27c919f517ba759c00ce4
SHA256

314f0b21f24f66667f7368e97ab3074508efe5ee811e5984ab4d884fccdc6f3b
SHA512

19cfa75ecfc71e8dd32fc8af6639bf6c0bbb67665e5010754c38b68eae7ccae59fb4ac2852f5b7776661b69975fbdb025c629a919fffbc56bc1c5ba0d4bb2e1a
SSDEEP

12288:HxLAayUuy3hJA7pS4evYDyjqdGiq8QhE9rnHt+Sr5WGLxMLWmAijgugFputYdZt:HZyShJAc4evsW4Gib0EJN+Sr5vKWmAw4

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

Files

314f0b21f24f66667f7368e97ab3074508efe5ee811e5984ab4d884fccdc6f3b
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 363KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma1
Size: 116KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE