20c3decac80e7f4cb2af1faaca02fed965c788adc9761621b4c4f0e5994d1a82 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20c3decac80e7f4cb2af1faaca02fed965c788adc9761621b4c4f0e5994d1a82
Size

37KB
MD5

833559cb9241bfbe682ff243f5754910
SHA1

b1ff6a966bdd062e53379629370c7c534124b367
SHA256

20c3decac80e7f4cb2af1faaca02fed965c788adc9761621b4c4f0e5994d1a82
SHA512

c273a51b3079750eba34809c2867fe820931008c70bc709434138a40bdffcfb767622c2b239460e6a0320586e6741a9049334083e820ca22bfb53ddb0f3fa0b0
SSDEEP

384:j5P6d+tTZcrUAPkjMZlm5P6d+tTZca/r4uMu:j964fAPdZM964hr

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

20c3decac80e7f4cb2af1faaca02fed965c788adc9761621b4c4f0e5994d1a82
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pb
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE