0c70017cfb5a22479524853245888f9ed16de11134079af2c47acaff0af86af0 | Triage

Sharing

General

Target

0c70017cfb5a22479524853245888f9ed16de11134079af2c47acaff0af86af0
Size

314KB
MD5

8391150bd1e9ee175e448aa45b58414f
SHA1

0e4aff0bc949292f5500539a655e684f22c9953a
SHA256

0c70017cfb5a22479524853245888f9ed16de11134079af2c47acaff0af86af0
SHA512

1f3c19b3f635f7836bccc0eecffbb94f385acafdbb47b93201a63c73b906f223fa59bc5a4b5ba9ecb9d9b06085f80479341bc84aa9df6941dd5ae451c4476961
SSDEEP

6144:xjpRa9n4uLlXl48lNE5GMh3LZGcI9CioMKaJzj+yYN01OP7sO1lse:xpk6KXKmNEcMhU5TJzj+yGH7rnl

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

Files

0c70017cfb5a22479524853245888f9ed16de11134079af2c47acaff0af86af0
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 67.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 66.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 939KB - Virtual size: 938KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ