tmp | Triage

Sharing

General

Target

tmp
Size

284KB
MD5

0eda8d3edb0defad4b33d7e9dae5809e
SHA1

fe8fa55fbdccc5039ad8afe8e7538af247e6ae47
SHA256

ae40d97e1a8a2b3c19ae35cd2d76b2664ceccf564c337eddbc868dec6e3fd681
SHA512

f39e9fd2e147ccf82e021c2e7f922c5b5df54289d057382c39194e6d2deb1775379ea4c07befa1a222bb9d3833f16e4480fb7b10f20edd2de23f6b74457d4c21
SSDEEP

6144:MJ9X9cMrR7jfEsoAs3QX5aklL9y/iJ2Kjvfg5N7vgLoS:SNt7jxX5aGaSBjvfQFvaoS

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

tmp
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 444KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 282KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE