7bef85c2bc63bf2a341ddacbf4d7d2f66afe7fc0a4ce227749f0961c0e167730 | Triage

Sharing

General

Target

7bef85c2bc63bf2a341ddacbf4d7d2f66afe7fc0a4ce227749f0961c0e167730
Size

38KB
MD5

404a330a5a675d3a6c957a7843f8f599
SHA1

3ab5ab65e8cbb64545e1585e1f1e03b1c19b84df
SHA256

7bef85c2bc63bf2a341ddacbf4d7d2f66afe7fc0a4ce227749f0961c0e167730
SHA512

27fa5135218114885f9e4600b9d0743c1d6c20517c1cb4fd2cc3d09174ae4a109b5564fbb2199ab1f8b0bb6ec0530e611142cd89820acdb950bbb551d3bfb019
SSDEEP

768:/8Thu61vFi/7u4CFgHdgDCgKEmSy0aIGdBT8:0k6Ro/7DVHeC7EBy0avdBT8

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

7bef85c2bc63bf2a341ddacbf4d7d2f66afe7fc0a4ce227749f0961c0e167730
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 260KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lzjplmt
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE