fa0c16139bfb5f0a4d81a069c8987ec7f7a1c650868aebcaaa473243ae1c9db6 | Triage

Sharing

General

Target

fa0c16139bfb5f0a4d81a069c8987ec7f7a1c650868aebcaaa473243ae1c9db6
Size

58KB
MD5

7d3d00cb3eccd0b616931a2e56a94ea8
SHA1

a84a7390af98459cbbaa0091937b8686f09e9853
SHA256

fa0c16139bfb5f0a4d81a069c8987ec7f7a1c650868aebcaaa473243ae1c9db6
SHA512

994ea4cf8db594758cd57f547a3a07162e0e87eb70e659785d55130f8ba08742823077535b42483880290aa9b7706962679d57338a0ade2f28b9354ab1a4daf2
SSDEEP

1536:hz9lkRD01PkFn7+JTBMTYzJ/maZaGf7ZRUH7Htx:hz9lkRaPcSBMTYz1Qi7ZGbNx

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

fa0c16139bfb5f0a4d81a069c8987ec7f7a1c650868aebcaaa473243ae1c9db6
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ