14566904e0c1f3e504a93e60316a517d1c277f0e369223f3f0438c55e843b7a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14566904e0c1f3e504a93e60316a517d1c277f0e369223f3f0438c55e843b7a4
Size

111KB
MD5

4177c6952d53e093f92eea9225d47470
SHA1

17772d6bbb5701d875c9d0bc1dc52a5b2ada246d
SHA256

14566904e0c1f3e504a93e60316a517d1c277f0e369223f3f0438c55e843b7a4
SHA512

e29b84169d2cd27f70175e766d84392c9f8664bd8d06c96c7fd1ee384f7a353a2b2f786c96faf5db3bd09a6a11331b3c21200e2c73057febaa3cfd8bb734838f
SSDEEP

3072:TROzoTq0+RO7IwnYNldR33QY/z9I14HkDb3QW:1kdNwB8hwuzxH03Q

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

14566904e0c1f3e504a93e60316a517d1c277f0e369223f3f0438c55e843b7a4
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE