66700485FD96EF2CBA4E6A7089D34586D2330FA67B10EE51BE9C3D1911EC53E7 | Triage

Sharing

General

Target

66700485FD96EF2CBA4E6A7089D34586D2330FA67B10EE51BE9C3D1911EC53E7
Size

4.0MB
MD5

d557b2f69defa06f1a2f6eba633c8d35
SHA1

26b2bb7c101e1ccd03c6e579b47eecc3e258b5e8
SHA256

66700485fd96ef2cba4e6a7089d34586d2330fa67b10ee51be9c3d1911ec53e7
SHA512

f935e6227a19c316b54df412122852b0de0a190515454bf05692187b5a971a3a5dbe639450edea3c041ea58607afb486afc1e5922ca09d7f988e001b87e01608
SSDEEP

98304:GYV8zsn3Adih/ZNbCD31oz1FjQJTBI8tyP:DdVFu31ozrQpS6yP

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

66700485FD96EF2CBA4E6A7089D34586D2330FA67B10EE51BE9C3D1911EC53E7
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 9.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE