905a78ee0da90b1adad1c0a5375f13d8c8b83f0aa01160865b51f1007b3ae6b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

905a78ee0da90b1adad1c0a5375f13d8c8b83f0aa01160865b51f1007b3ae6b0
Size

592KB
MD5

d19077001ce42558b9916742d2a3f727
SHA1

61f088653d8fb6e9d85e55bf037fe934617061c9
SHA256

905a78ee0da90b1adad1c0a5375f13d8c8b83f0aa01160865b51f1007b3ae6b0
SHA512

cc98be60b2693afd484ad28f1744c37e2552ed5f63cdfb78c4779418990f8ed01c2c125df561856066785f8d6eda692bd7d6ccb94ef2d74039e041b429802d8e
SSDEEP

12288:hwu5KWUqHBNvSbJWZjFW9Z0Us5R03wYzUrHpw1hzhLgqg5+W:WLqHzSNijFEuU6R0gYzyHe1hzhJgUW

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

905a78ee0da90b1adad1c0a5375f13d8c8b83f0aa01160865b51f1007b3ae6b0
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ