763a568aa3ab9bfad536adc1231b8cf0da4f643cae5d6165ba085de80f4f65a5 | Triage

Sharing

General

Target

763a568aa3ab9bfad536adc1231b8cf0da4f643cae5d6165ba085de80f4f65a5
Size

8KB
MD5

41498f8a15bd4b5dcb3d1489b68f0ca0
SHA1

0f16a68e25786692b208e6b76f810d0c64b332b8
SHA256

763a568aa3ab9bfad536adc1231b8cf0da4f643cae5d6165ba085de80f4f65a5
SHA512

2922f4ae7883f4da040bdd3f9e47fb7cb969a996f132b064ba9d7ad7188781a16da537c4b36473f3b6d50c95e380811c0481f1751d683cde4638a6fb3546d7ef
SSDEEP

96:fvl10GxW2FjJYPmVI+tTpMbCJBnXgFq3cx1U0zqukU:fvl10GPdYPmVI+tTpXXXcEukU

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

763a568aa3ab9bfad536adc1231b8cf0da4f643cae5d6165ba085de80f4f65a5
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE