tmp | Triage

Sharing

Copy URL Twitter E-mail

General

Target

tmp
Size

5.1MB
MD5

a2b4128770693b57005d05dfe662d49f
SHA1

184dbf2fdbe05dae9d951c9ffe082f4e08827c93
SHA256

b7b27a5741a8e143345e44e8cc48c80f829932c417eff0a101276b88b86bec4d
SHA512

874b9d7fef1f0208b57c0f43b0cf4f9e3d75577a808c71dbf229ef971434e8130061226733c8acd9ac64b0d4dc824a67c97c12c18e9403c0c0019314f18b22c3
SSDEEP

98304:iHz1MwuZXAlgguFFgw1/JwUKToj+mnZOqIr3ktqK3lyymzlpw+WKXkE:iHxuF0gNFgNKyF4tT3lyymzlurKUE

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

tmp
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 13.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE