abd1a215d3be623afe5e4949d0fd0c32a60da46d1d13045c708efc596686a76c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abd1a215d3be623afe5e4949d0fd0c32a60da46d1d13045c708efc596686a76c
Size

211KB
MD5

680ec837f8a57654b43c857d4d024eb0
SHA1

2cc08716135ab901ac7b13f3925654fbfd8ad3a8
SHA256

abd1a215d3be623afe5e4949d0fd0c32a60da46d1d13045c708efc596686a76c
SHA512

fcdf04bc0ef1314af6935707af89a6f9cfe65b5d00db053c154a807e7a9b6dc16f9e51fc56a785feeb4d316b356881255f0571cf96897d1ab1f9a6e344ef285f
SSDEEP

3072:qmE37oFd4YqOD2BE8NZkSCfCXtbx1LEdbRR9B8b1+fHTIgJD4XhB:qS3j2r5CaXh3LEdbn+oTh

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

abd1a215d3be623afe5e4949d0fd0c32a60da46d1d13045c708efc596686a76c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 204KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 120KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lbamb
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 82KB - Virtual size: 82KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE