753952fff257d8c3bb8976f214fedd7aa862c73f6392c57981cd0dfd411bf526 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

753952fff257d8c3bb8976f214fedd7aa862c73f6392c57981cd0dfd411bf526
Size

1.2MB
MD5

2994c9485c46100cab8735cbec734cb0
SHA1

068604abf5a2e7a3a1387224c10b282f7c4ab7d0
SHA256

753952fff257d8c3bb8976f214fedd7aa862c73f6392c57981cd0dfd411bf526
SHA512

a0a609d19f4435d01f3971aa67b28da9e7cbde9b9210f8fdba4bff89c2d1a7666a817384a87a1b70a8269bbb6768630e0b40b1b0b5717e2e6dc7d8eca0af6b16
SSDEEP

3072:lBROzoTq0+RO7IwnYniEEMdU2ZnL/iZIKqNbj7cFppsu:lPkdNwBBMdzh6ZIHxcj

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

753952fff257d8c3bb8976f214fedd7aa862c73f6392c57981cd0dfd411bf526
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE