64A5241C65DAADA63DB299DC872CA3E327CF08ABD2D8FFEB82C1F3636BFFC387 | Triage

Sharing

General

Target

64A5241C65DAADA63DB299DC872CA3E327CF08ABD2D8FFEB82C1F3636BFFC387
Size

4.0MB
MD5

11b952bd0d9358fc739412c3b59fec4c
SHA1

fc200d4f6487d7a3dc36b0556e6da777f483bdf5
SHA256

64a5241c65daada63db299dc872ca3e327cf08abd2d8ffeb82c1f3636bffc387
SHA512

780fce88f28357d0fe083bc346f6c39dc8b3ff32b38783c2d21886184f124032700e5d9ae8614fca74478ae94c87c6fe7008b7df7dfd07603cd7c64e5bd75bcb
SSDEEP

98304:assckzxM6A0I7CQvFLwV88L3c3Z128YhQ9VWaeGqx:tXkzxM6A0I7Tg87/Yhimj

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

64A5241C65DAADA63DB299DC872CA3E327CF08ABD2D8FFEB82C1F3636BFFC387
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 9.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE