ae2a797cd0231bdc74cdd7d178f089435043076d903ae00592c0be1a9b1b283b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae2a797cd0231bdc74cdd7d178f089435043076d903ae00592c0be1a9b1b283b
Size

871KB
MD5

81412e2b468a05f82b17af5161f31ea0
SHA1

349c60e4176338a970b092b12719530c287b41bc
SHA256

ae2a797cd0231bdc74cdd7d178f089435043076d903ae00592c0be1a9b1b283b
SHA512

a38093c81916b280a5c8769170b9623c7ee46b5508f5fdd527b92476cd35c70bb54b9d44e3b730229495c0e9f88f8ccd07aee8837cb70cfa1148cd934f400f6f
SSDEEP

24576:1VCH7E1S6rWb1i0bhNBTnPDrrhuEQmX2KC:3IEY6ScghNBLframmKC

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

ae2a797cd0231bdc74cdd7d178f089435043076d903ae00592c0be1a9b1b283b
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.WWPACK
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pklstb
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 521KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 325KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PCGW32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zcode
Size: 96B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX3
Size: 29B - Virtual size: 29B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 114B - Virtual size: 114B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE