be6f3a79a0dac8cd9c0dd19ad4d6cb7bd5dcb128dd1f381bb41a2e862e9ed86c | Triage

Sharing

General

Target

be6f3a79a0dac8cd9c0dd19ad4d6cb7bd5dcb128dd1f381bb41a2e862e9ed86c
Size

199KB
MD5

6af52553319c7d8e96916acb5a9700be
SHA1

305bfa0f15de012263ec4b85c6ece27e283774fe
SHA256

be6f3a79a0dac8cd9c0dd19ad4d6cb7bd5dcb128dd1f381bb41a2e862e9ed86c
SHA512

392630765d3890d506b3e842724cd5a0eef9180d2016cdba9ca381ccf361a4b4c7344fabbe2e77ed02c8e4839e0abfd29cd88fbf1b2ee4209a726b4edf3492bf
SSDEEP

3072:KR/0HeFO4GXIenSg5d5/G/UKJwPsRzuZlalVrVWbr/F+hu3TaaU4jB+4DcTib6fo:yM+FOJrsJwzZshVWbr/0kD04tcM6fo

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

be6f3a79a0dac8cd9c0dd19ad4d6cb7bd5dcb128dd1f381bb41a2e862e9ed86c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 191KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ