3bc927642ac9fb68e00e5fb575a0dab8ecdaf2ff11565d5b6d7684d7da5b8222 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3bc927642ac9fb68e00e5fb575a0dab8ecdaf2ff11565d5b6d7684d7da5b8222
Size

758KB
MD5

63065c8428337e15422b196a45531b10
SHA1

38198ace45ecdb591c4fc6c4d9e01c1cd3ef8d8a
SHA256

3bc927642ac9fb68e00e5fb575a0dab8ecdaf2ff11565d5b6d7684d7da5b8222
SHA512

8658359a824c3d7ed27f7a050c2b1f265543f98d588f6ae91571a6bf095314aa50c0de6c2e555db3fcbd58a0008824de0bc919f1573bd0698851b7334839f2cf
SSDEEP

12288:C9SQtTupsnSk8R5w2/0mrd8GRnDR20b8J8spJfpC0:tQtTuGnSkIwq0kV2eA1fpC

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

3bc927642ac9fb68e00e5fb575a0dab8ecdaf2ff11565d5b6d7684d7da5b8222
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 458KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE