EFD2F077A353EAA4B72CA2BC038464A32C82CD84717D8D8FA50FDB77B9A4D736 | Triage

Sharing

General

Target

EFD2F077A353EAA4B72CA2BC038464A32C82CD84717D8D8FA50FDB77B9A4D736
Size

4.0MB
MD5

0fe145975973cea3a7c3aa5be08e721d
SHA1

d9dab19a64bc01fd1147531f11e9440731745af0
SHA256

efd2f077a353eaa4b72ca2bc038464a32c82cd84717d8d8fa50fdb77b9a4d736
SHA512

4c2f3a26383351df9d79726aa9230a96bb5c7d89f9dc18475e002e8fab5bd02d99d8cbceeba51a41c87003c5c6ac1e8ee692abae55754cb4558e4b6035cfc690
SSDEEP

98304:q3hZ2QuVOnmbSk5ySgUFxlpG65QRMfQYP3tub65:q3avmHrSh5QRUuu5

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

EFD2F077A353EAA4B72CA2BC038464A32C82CD84717D8D8FA50FDB77B9A4D736
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 9.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE