F8D8AF9B56352051817A7EEC3D9D5796DD2415752C8761585F4E6C18E3588D57 | Triage

Sharing

General

Target

F8D8AF9B56352051817A7EEC3D9D5796DD2415752C8761585F4E6C18E3588D57
Size

4.0MB
MD5

f06fd38d0378b33350dc4f7219e5d620
SHA1

6d7a2b0d832c154ecf8a21d7eaea39b478ed90f5
SHA256

f8d8af9b56352051817a7eec3d9d5796dd2415752c8761585f4e6c18e3588d57
SHA512

454042ee93dcc154fb530eab67d229372ee1d9b8e44de4c537917899c762f6132cf0aa357849d7e7df7d46680e8bc35eb3a111b8d55df91dff7c4faff392080e
SSDEEP

98304:SFqRNImxU3Ptx5YjLtKuziQsRX624N1TcdxWjpU3vt:kmK3P9YjLEuhuK24N1TcdxWGvt

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

F8D8AF9B56352051817A7EEC3D9D5796DD2415752C8761585F4E6C18E3588D57
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 9.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE