9d82d028b5141a16ee0db50eab48694827bc4dc629e5d980b205d2687e232288 | Triage

Sharing

General

Target

9d82d028b5141a16ee0db50eab48694827bc4dc629e5d980b205d2687e232288
Size

4.0MB
MD5

1f3c5bbfec2ba90b7b59b11a2bcf4ca6
SHA1

1f7ed4be9df1fd248d60fbb15fca1931d6759e50
SHA256

9d82d028b5141a16ee0db50eab48694827bc4dc629e5d980b205d2687e232288
SHA512

d79367f409c8434481b05c36bd7b865fbf93bb7eafbbe48889b28cd4d9952707bb1632583d67405d4549049be1c6336352ad0586480ac08a1c46fc6ed2ac006b
SSDEEP

98304:xFMNtfOfcFldIVz791+ioQuE446WPQucT2Ju069:DMVCCiQOAEJu5

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

9d82d028b5141a16ee0db50eab48694827bc4dc629e5d980b205d2687e232288
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 10.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE