50d50c9af04a89ba7c433b9300835687a9bb139cbaf8e86999f0dfa4c4864c7f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

50d50c9af04a89ba7c433b9300835687a9bb139cbaf8e86999f0dfa4c4864c7f
Size

941KB
MD5

e72b5c95015fd7b29c1897a280b2d291
SHA1

6aeb047b6e77b219f31f78fabfc8c3b7db74e633
SHA256

50d50c9af04a89ba7c433b9300835687a9bb139cbaf8e86999f0dfa4c4864c7f
SHA512

08ec6ac0045df2ddc284e364ff62eb4bd047084f7bf44d4381296781fc529a317f3cc0881e3c22ce19bed9ea1fe0cb950f6e3c3e2cf5930ec423f995e70a1849
SSDEEP

24576:ijpBkmoPSnsSFy8w/yuYhlJ855vKiG/F5m8Wb:ijEdPOy8OElW5Rm5m8A

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

50d50c9af04a89ba7c433b9300835687a9bb139cbaf8e86999f0dfa4c4864c7f
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ