b169afe20ec2d2f67be8adcc7f864344482d44245abfd98657bfe0e6ca122e9c | Triage

Sharing

General

Target

b169afe20ec2d2f67be8adcc7f864344482d44245abfd98657bfe0e6ca122e9c
Size

236KB
MD5

816285088c4a0d13fd9f0ec53db1a7b0
SHA1

83081b71284b1d8e414ba32e8565ee5aed9ff368
SHA256

b169afe20ec2d2f67be8adcc7f864344482d44245abfd98657bfe0e6ca122e9c
SHA512

6ac393aec8621ee5caac88495f5c012ed0e175b8d04d3ecf385947452fd0e0b61769c8bb5a6292aa42adcad392dde1aae0a4468752ba8ffb64694468041d7a82
SSDEEP

3072:3UXH+kVsfrtRfswSlOj7VkJT3CleaWnqxtoQhVJUGPG4Cm35IwNk+8/:+LUtRfsbK6keXaLi4Cm35pk+8/

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

b169afe20ec2d2f67be8adcc7f864344482d44245abfd98657bfe0e6ca122e9c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ