2a7d3f156724ac11aa3a305b72728cbeaed9b4d39847d46db54bbfd351e825aa | Triage

Sharing

General

Target

2a7d3f156724ac11aa3a305b72728cbeaed9b4d39847d46db54bbfd351e825aa
Size

303KB
MD5

63bbd0d257d4a69fccfe6be07bf26ac0
SHA1

bc96e8668ef125529e691674dbe823f15c92cf9b
SHA256

2a7d3f156724ac11aa3a305b72728cbeaed9b4d39847d46db54bbfd351e825aa
SHA512

730d4c9757c0d2f6c5061cc87cc4a39d3ba0c735fec282b0c71d10823ca4de436ad41687e7c039976cf0b4575933a5fcb0afa6017f79acc2dd502d145321a885
SSDEEP

6144:+7UYntUlCVmbYiZEX2k+AxJj998C3r6Xpkrax/xOHs5fl:gcEV8Z4J+3C3Ojtt5d

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

2a7d3f156724ac11aa3a305b72728cbeaed9b4d39847d46db54bbfd351e825aa
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 364KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

prijfkj
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE