c61245007e495003d611b74b5f8decfd5493d18089a077ffa9a1580547292db0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c61245007e495003d611b74b5f8decfd5493d18089a077ffa9a1580547292db0
Size

68KB
MD5

8a00ba8ce096fabe8ae68ccab1640441
SHA1

2c4f4043fd6416d7bf6e6895c9e4e28de38cb14c
SHA256

c61245007e495003d611b74b5f8decfd5493d18089a077ffa9a1580547292db0
SHA512

b47bb45952846c493112ba8bf512364ce838124a2d1234c3aaa01612d23763a7ceb68c929ecf2f87b780a5d89ac9d31eadfc1b1ea063ed196abb60dbe4129f17
SSDEEP

1536:EkDIqcrW8/bu5n2452RsvuwMq6VgkeG4u9FqMINeKhsFVJpe75dhJf6ZpG:0LrW8kIRsvgq6VAN+FCNKVJpe75dhJff

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c61245007e495003d611b74b5f8decfd5493d18089a077ffa9a1580547292db0
.exe windows x86

Code Sign

3b:02:5a:b6:95:9b:8b:e5:b0:6e:27:bd:fe:10:d2:5d:2a:f9:10:6b
Signer

Actual PE Digest

3b:02:5a:b6:95:9b:8b:e5:b0:6e:27:bd:fe:10:d2:5d:2a:f9:10:6b

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

NO CERTIFICATE

01/01/0001, 00:00
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ