147c3d6d26f356ea523b99fa0e0c56deb4b01294460a12cb04d3886b598d24b5 | Triage

Sharing

General

Target

147c3d6d26f356ea523b99fa0e0c56deb4b01294460a12cb04d3886b598d24b5
Size

118KB
MD5

650baf84e5906c15f49fd3fcc588356a
SHA1

aa6bef28c51574a07c43cf11bcaa525144398c2c
SHA256

147c3d6d26f356ea523b99fa0e0c56deb4b01294460a12cb04d3886b598d24b5
SHA512

c181dc72d99058d8b812f1c7c6064e6397175bab43cd314d7a686d048973bd5534d29055358963c42427282d834b9d839d2ff6cb11921b9fecd8c94f54dca98d
SSDEEP

1536:sbqNVsCpquXuA7xCxx5KCOcAN3qszuWsi6usKk7duG:hVBsQxWxexzc1D1

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

147c3d6d26f356ea523b99fa0e0c56deb4b01294460a12cb04d3886b598d24b5
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE