d4043c6a00f5552c4b000121c6faf30908fb1f217888b69826f854f7b1a9d4b7 | Triage

Sharing

General

Target

d4043c6a00f5552c4b000121c6faf30908fb1f217888b69826f854f7b1a9d4b7
Size

182KB
MD5

6e466bd51a46678ad515defd5e3ebd5a
SHA1

17fb1f12c125df98e6abc35b093e549e32bcac97
SHA256

d4043c6a00f5552c4b000121c6faf30908fb1f217888b69826f854f7b1a9d4b7
SHA512

957f77df618227a716805c294b019fa2214af9c53f3172f761d06cd0e7cbd65d0c3802f383d4faad5c822d791d2a5ab68a87ea7f939e6513478c735d344a680e
SSDEEP

3072:ze3DM17EL+Zq29/fpvKB2e2jrHHp1EED14akBVWV5x7jFUO/pRvCHG3Dz:ze3DswLn2PI2xrHFD1fk6VbfFz/pxCuH

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

d4043c6a00f5552c4b000121c6faf30908fb1f217888b69826f854f7b1a9d4b7
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 649B - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.spm
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE