6578486c7345c66409ef3effaa6610ae0978169979ca2aff869b7750ffcf2b89 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6578486c7345c66409ef3effaa6610ae0978169979ca2aff869b7750ffcf2b89
Size

250KB
MD5

08cbacaaaf2122025f7d6d1df9e593f4
SHA1

8e6daa8b8aa1c83fc47240ac851d4f806b732d71
SHA256

6578486c7345c66409ef3effaa6610ae0978169979ca2aff869b7750ffcf2b89
SHA512

31327ebd995bd36618ff3e16cbf017ef22af94e39631a787f290e027152b6357adb5e6ce400616e8dc511bbc35026cf9f6250342344c4c4316ebde03def359d2
SSDEEP

6144:jhFCzOo4Wclci3scHCRSHW8hhNi9j1KVrFOnkYJ74kiNBoPpnhKgFoS:jhBHX/sciwHWAabKJFOnkS74HB2pn7FZ

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

6578486c7345c66409ef3effaa6610ae0978169979ca2aff869b7750ffcf2b89
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 248KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE