d8bdcaa5c8d29446ee715956526f168b2330f017e37d87b07e720e1c5f3943b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d8bdcaa5c8d29446ee715956526f168b2330f017e37d87b07e720e1c5f3943b0
Size

231KB
MD5

0b2033274ab54be8f076248570d7a107
SHA1

dd37f817ceef8e3dc6edf2406383b637ca81af89
SHA256

d8bdcaa5c8d29446ee715956526f168b2330f017e37d87b07e720e1c5f3943b0
SHA512

39d4f97193afd7b1241d6384129fbdf5d771076601adcdb38f4e76c516f83df248b2938a33a7491c17ecee931e12145d202c2e4ebbad78928aca5818461742b3
SSDEEP

6144:zjYD4PawAJ1VI2sa7WynlbN5bn7oGulhd:zZaXrsCW0N5bn7oGulhd

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

d8bdcaa5c8d29446ee715956526f168b2330f017e37d87b07e720e1c5f3943b0
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

UPX0
Size: 66KB - Virtual size: 84KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE