4fe951f2a4c1436bd5c8d3bf642bc73359e47e93b859e4bc4a51878d6ee25506 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4fe951f2a4c1436bd5c8d3bf642bc73359e47e93b859e4bc4a51878d6ee25506
Size

49KB
MD5

a118614e6ff83d575984f66d183a3c60
SHA1

424aa86051360fc63406f5a9db0fb0c612b3fb5f
SHA256

4fe951f2a4c1436bd5c8d3bf642bc73359e47e93b859e4bc4a51878d6ee25506
SHA512

c190034c7e7973898f4c385550cf29ff7f0609595443d1633893c96a8e7512bba4c3e4f8d334a6c8d5ff88be85381090c159165a7436e6960de32e8a33e67b80
SSDEEP

768:x0oyHSe3JTsXJy8hmiabHq1jOOVjJKOxfCgQPtdtu40vf/88ODsjPWOB:x0dSeJyJy8EqR/GONCNldt+vfvtPWa

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

4fe951f2a4c1436bd5c8d3bf642bc73359e47e93b859e4bc4a51878d6ee25506
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

LoadClientAdapter
OpenKeyReader
OpenKeyReaderWriter
g_fnStartTransport

Sections

.text
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ