4d9379876a5190de12b92cfe67f029a64799ddcdbb55a0ed8ffb241c9c741890 | Triage

Sharing

General

Target

4d9379876a5190de12b92cfe67f029a64799ddcdbb55a0ed8ffb241c9c741890
Size

244KB
MD5

907a08a3339005ba0807b9419684ae20
SHA1

6108f1a6607037130ca8ed52abbb58b928eb4890
SHA256

4d9379876a5190de12b92cfe67f029a64799ddcdbb55a0ed8ffb241c9c741890
SHA512

00b5012c0d1272e1e29a46bc84f9c5ede02f91d7d13f6b0226439c033c7a5082a21bc4df7da7922663b4a45db13d3c835cb07ea085b9c118207d1cb3edae9285
SSDEEP

6144:Bz54hg5yegOYMVRxKFhOpPprXn6KiDw4TfLD/epCErSoUatOQ0sn:JawyegOpRQM7TnYD//WCErzT

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

4d9379876a5190de12b92cfe67f029a64799ddcdbb55a0ed8ffb241c9c741890
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 237KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ