f787e273be7ab494ceeddf8785082277a45bbbab11d4a5827970f51682a98438 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f787e273be7ab494ceeddf8785082277a45bbbab11d4a5827970f51682a98438
Size

72KB
MD5

6fa45b56c9b042a6f333d63bb3c1f5dc
SHA1

09aa4003dc945b3785a4f84173d851d1263f92c0
SHA256

f787e273be7ab494ceeddf8785082277a45bbbab11d4a5827970f51682a98438
SHA512

724a8e718daa3db3a0304eccee21ad1b4256db2ebc08c86d2312348fa89222705adba89dbb3f0a4adb123418891bd4aa9025b305b9206d7786057d8acdaa40b5
SSDEEP

1536:kuspPl7N1hSpKsT7OTea5SxOGUfNOkE3o+8WASEX1lTCwywoKxXH:kdPdNUKsTiLoUFOkqH8hJCpw5H

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

f787e273be7ab494ceeddf8785082277a45bbbab11d4a5827970f51682a98438
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.bss
Size: - Virtual size: 46KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE