098c7f66d504e0e20c53af260a2d3b36aec972ae26086ce8fe0db9aac1f2c82c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

098c7f66d504e0e20c53af260a2d3b36aec972ae26086ce8fe0db9aac1f2c82c
Size

224KB
MD5

4ceec42e13000140dbcd1262b93c1b49
SHA1

dc612eb3b7a6670112fa354a047f4d9ffb0be18f
SHA256

098c7f66d504e0e20c53af260a2d3b36aec972ae26086ce8fe0db9aac1f2c82c
SHA512

6e9f571d26f984072f306e7b54928a45311a5d7c8556d2ecfd7cd18fe17e24fb9b356f0f072a844ce87f493ee05e38f8550a2028f7f06951882d6bfeb035a560
SSDEEP

6144:NoG99B6BpFmwE5CG7JuDi/N5xAc8CNupxD:N93BcpFmwUdZ/NDAcS

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

098c7f66d504e0e20c53af260a2d3b36aec972ae26086ce8fe0db9aac1f2c82c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.khe
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE