47a27b3cc05cf79b00f1ef954fc0fa36d1c0aec5e34b45425cb6f004ab539ba0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47a27b3cc05cf79b00f1ef954fc0fa36d1c0aec5e34b45425cb6f004ab539ba0
Size

190KB
MD5

ee94617a590a44cb15b4815396d14178
SHA1

693bccebb13245854bf37d73d570a323c1dc27f0
SHA256

47a27b3cc05cf79b00f1ef954fc0fa36d1c0aec5e34b45425cb6f004ab539ba0
SHA512

74fded0de23deed2846c5ff7164bf1b260943627b5ad06556ebe9a8e3de149f1b81c8f6e66f08824e427bacccdca126429523b75094e825a5b6b2cbde5486e1b
SSDEEP

3072:mTg1QNu7VEZfaK40HrA/Elk6XPvxaBqL6z5DvnpJBaFR2ythQFNyZ7ecCs+J+6KB:IyQyCgh0HuIkOxaBqez5TWf7QS7sbJ+M

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

47a27b3cc05cf79b00f1ef954fc0fa36d1c0aec5e34b45425cb6f004ab539ba0
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 188KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 186KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 356KB - Virtual size: 354KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ