eae1dffc2dd960e8272dec5a7e9543b757e8480a7e2f2841fcebc7694f14483d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eae1dffc2dd960e8272dec5a7e9543b757e8480a7e2f2841fcebc7694f14483d
Size

54KB
MD5

740bd66253a08aa7aa56e7184ab4dbd0
SHA1

9e264d1b1db5c290a42cb4b08c504e5068ae5f8b
SHA256

eae1dffc2dd960e8272dec5a7e9543b757e8480a7e2f2841fcebc7694f14483d
SHA512

cfa79c6c2ea801cb9cf3ac908df923545f9daf15cf445c41fbd49c65a951c66223f57cb701e21e7a6d830fb05edb389c30cc910d5545949096e3537f615100b0
SSDEEP

192:A2MJD07zpTR2MJDKXz7g+4q5O3KvjpTI14K9k:AZ107zbZ1KXz7g+4qXvjaCK+

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

eae1dffc2dd960e8272dec5a7e9543b757e8480a7e2f2841fcebc7694f14483d
.exe windows x86

3d89aca43aba2b9bbfab6cb659b13a5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

�

GetCommandLineA
GetFileSize
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetTempPathA
GetTickCount
GlobalAlloc
GlobalFree
CreateFileA
ReadFile
RtlUnwind
RtlZeroMemory
WriteFile

ã=,0@

__GetMainArgs
exit
memcmp
memcpy
raise
rand
signal
srand
strchr
strlen
strncpy

ShellExecuteA

��x�

PeekMessageA

Sections

UPX0
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.packet
Size: 33KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE