d4598d3654af2b9fa4cae8a243b995ef3ac02d004c03a47086877405a7e402e2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4598d3654af2b9fa4cae8a243b995ef3ac02d004c03a47086877405a7e402e2
Size

6KB
MD5

b1a699d749e18b9cecc08565bb9893c5
SHA1

3a68d832078850c9bcc9e7029f6d1ca3678f1209
SHA256

d4598d3654af2b9fa4cae8a243b995ef3ac02d004c03a47086877405a7e402e2
SHA512

ccad1cf2245d2f50144c2736e888d1e82d9d5c90c2887a62e36e92884836d41ed81c79ef5c49f523e18073a9c4e05918e90a6bec53fd1eb1a1a587d359dfe1ca
SSDEEP

96:Sw/ieGaJsfS7C7HOC455YoNYaoq8O6hhudlF5sPosuQ:qaJIUC7uCa5YoNLoVxhIF51K

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

d4598d3654af2b9fa4cae8a243b995ef3ac02d004c03a47086877405a7e402e2
.exe windows x86

313e98f022c349725e9dbd6d9390af06

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey

comdlg32

WantArrows

gdi32

GetCharWidth32A

user32

BeginDeferWindowPos

msvcrt

printf

Sections

UPX0
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE