44808cb85939c3c0f621cf96e1c8e8376e9d962339f7609b204d4e069f8d1927 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44808cb85939c3c0f621cf96e1c8e8376e9d962339f7609b204d4e069f8d1927
Size

310KB
MD5

6c82bdd00b1b1b92dee1286f203fc99b
SHA1

014ddc557ec57286aaa4491091447264a0db7156
SHA256

44808cb85939c3c0f621cf96e1c8e8376e9d962339f7609b204d4e069f8d1927
SHA512

01d9abb88bf448a870c6ed73f332ee01d339455c00eb6c81a3a833bfbcb92ab4e6c95932d5efc7fc7eeb5bf4d84cfd4d3830e9c55a3b66a478620b29555df7e9
SSDEEP

6144:XyG5lP2tq3s4CF7jP5yeG9GbbQAY2tUsADcuwL6IlIZeOqHjzEI:XyG5lP2E84CBP5K9kQAYNsaEOqDzEI

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

44808cb85939c3c0f621cf96e1c8e8376e9d962339f7609b204d4e069f8d1927
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 130KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ohsluui
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE