DF0E002F9E3C7FBE4BCED7AE9B2B8B43B52EB82D44187032F9025BB99C2AECA6 | Triage

Sharing

General

Target

DF0E002F9E3C7FBE4BCED7AE9B2B8B43B52EB82D44187032F9025BB99C2AECA6
Size

5.1MB
MD5

460f9a87ff03c29348538ff29c93748c
SHA1

6378ab6755a51d70480e3f4f451a5dac44b5c4c9
SHA256

df0e002f9e3c7fbe4bced7ae9b2b8b43b52eb82d44187032f9025bb99c2aeca6
SHA512

1b66562755b668c209d0195d479638138a361d61376ec0316b0770d82cef577b3b854d00b79f82d2f6541fa3c43c3b623396837424a860c7b24f5dbf9b362922
SSDEEP

98304:D8Qa4y8RVtPUsqhuRoBXF12H9i3zwJp3e1L/mUEGcH3aO2GdT20Ekhfr:D8Xn8RVtPgecF190pUaJGw3a9G1ekhz

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

DF0E002F9E3C7FBE4BCED7AE9B2B8B43B52EB82D44187032F9025BB99C2AECA6
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 13.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE