e2320d78f376de55d57ef6fd98e5370e6a81add2234336daed03c13d5560fe62 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e2320d78f376de55d57ef6fd98e5370e6a81add2234336daed03c13d5560fe62
Size

286KB
MD5

4fa7a45b6eda9af043cc6fa8438158f0
SHA1

d02d6bf6d6a330eec06a8ebd793b4c2a16706848
SHA256

e2320d78f376de55d57ef6fd98e5370e6a81add2234336daed03c13d5560fe62
SHA512

b5f21725f90b5148eb68c025e3188b3b738f3087766378a29875362b41aabdb0b8dba76e6281f870a3cc0bb5ac583b9f5926ca51d65ef57fa53f67cf92a30b66
SSDEEP

6144:0NswXtATtZJz6TldWYvs2DlBcOBHijxiSNEgFDdW:ksu6965fEeB9xi1VEYdW

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

e2320d78f376de55d57ef6fd98e5370e6a81add2234336daed03c13d5560fe62
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 220KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 109KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.VUPX1
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE