24E6EC7F3896ECB39F4EA242A7071F1805E9CBD58ADD8A39FAD1B4BBAC1A164F | Triage

Sharing

General

Target

24E6EC7F3896ECB39F4EA242A7071F1805E9CBD58ADD8A39FAD1B4BBAC1A164F
Size

4.0MB
MD5

ea7f92ea00308d8c94e91f36124d3fba
SHA1

00d843becf491d39b2a0c187933fdec3d2cd6a68
SHA256

24e6ec7f3896ecb39f4ea242a7071f1805e9cbd58add8a39fad1b4bbac1a164f
SHA512

65434462d1b7c1b414d8e1540c701e3f4a98c0450d752d74b4dfaee9fb5f83cad70659f136ebfabdc2b915420d6f57ab586b8824dbf130eaa2e4dcdea115024e
SSDEEP

98304:aS+JcrhT1gJvD+JoSHE1do5wt3UPoFDe7HeR4U:jlGJvatMdfFBFDe0

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

24E6EC7F3896ECB39F4EA242A7071F1805E9CBD58ADD8A39FAD1B4BBAC1A164F
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 9.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE