DAB09777A97C8A963D89611B0FE5B38BCE6674B70A41FEC555E5808224D9CAEE | Triage

Sharing

General

Target

DAB09777A97C8A963D89611B0FE5B38BCE6674B70A41FEC555E5808224D9CAEE
Size

5.1MB
MD5

5673baaaeedd2bf13a9a88bb10409ea2
SHA1

e2b20f7213005183263eeaca33e95959c18fba5d
SHA256

dab09777a97c8a963d89611b0fe5b38bce6674b70a41fec555e5808224d9caee
SHA512

be04fa8560672ab7c8dfd78c2c6c59b54f567cecb3c29f3c21055b7b0da95342d95548b45c9fc5f82445891b1be2a0339e02e6ec612e9422eb69c0a769c8598a
SSDEEP

98304:1bL7/+Fbm4jj4t7aJp4OH/ZwppyFIyE9+JOpsSy1nNnq/cpKtGrhf4npOljK:RP+F1j4t7+uZy1JWd2Iu2Af2Ij

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

DAB09777A97C8A963D89611B0FE5B38BCE6674B70A41FEC555E5808224D9CAEE
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 13.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE