c650d74c9868e2a2e0791aa74a523b0d7670d3c114cfaf48d0371a95e762a68d | Triage

Sharing

General

Target

c650d74c9868e2a2e0791aa74a523b0d7670d3c114cfaf48d0371a95e762a68d
Size

352KB
MD5

08ee35c103900f590d269901ecf84da6
SHA1

b87a48009869e89157d3c9e38f67deb95d1fee3e
SHA256

c650d74c9868e2a2e0791aa74a523b0d7670d3c114cfaf48d0371a95e762a68d
SHA512

f21876028070c7f21efa862265fc96ebc48e87acaaec8f9abe763aca1b7b3526b0bc5cdc7bfe86f82f663e6e84ecbae08289fa87b91f3bae6acb69be5c981d78
SSDEEP

6144:vIGEnprZkRs38t54c6rzNdfDIGEnprZkRs38t54c6rzNdfW:vxEnAR934fxEnAR934S

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c650d74c9868e2a2e0791aa74a523b0d7670d3c114cfaf48d0371a95e762a68d
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 532KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 118KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 612KB - Virtual size: 610KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ