cfdf1aaae40f7b8ac7a06aaf37e7fa60b6b64169bc54ed00c0da0da23544f17a | Triage

Sharing

General

Target

cfdf1aaae40f7b8ac7a06aaf37e7fa60b6b64169bc54ed00c0da0da23544f17a
Size

35KB
MD5

8af2119de15a51a7df22336bb212120c
SHA1

f2096fc4bde47303ae70555475b0cd04f3488ab3
SHA256

cfdf1aaae40f7b8ac7a06aaf37e7fa60b6b64169bc54ed00c0da0da23544f17a
SHA512

d8d8706cefe5879dee7873f25c90cd69c8a64546a1288558362f7504324c47dcdad617d19904c41cf3b110bad7cafc0615072e9e2190b0510b8ba76f77eeefe4
SSDEEP

768:aHtMkeNmrfgevVkzkcVpKPybIhB+ZhL2VC1HprM8YJ:aOkIbh+sIOZhL2IpQb

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

cfdf1aaae40f7b8ac7a06aaf37e7fa60b6b64169bc54ed00c0da0da23544f17a
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE