e232ee36f43dd24a974f15b924e55a7aa1533e3bdc56ea3ee533f8a053c3b4e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e232ee36f43dd24a974f15b924e55a7aa1533e3bdc56ea3ee533f8a053c3b4e5
Size

172KB
MD5

8131e4e14eeae98a7992979f5c5a23e0
SHA1

80611969afa1b7789e14e55ad4978083483a1955
SHA256

e232ee36f43dd24a974f15b924e55a7aa1533e3bdc56ea3ee533f8a053c3b4e5
SHA512

aa5d715920f8303ec17e36fff0aada5399525f1be62b5685a6e4f44fbf1316d99b5759834d6ce70e601dd28693bba49d71668d44c6c78b1284c793d172445629
SSDEEP

3072:CqVA5dmtlMd22zvEEbhe3weluRE39wifz3QH8TmP8R6RVH8Y2C+9I2cvyQtgPENu:Ceqgtl0zbb0LkRCZ7kYAq6XvPCz

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

e232ee36f43dd24a974f15b924e55a7aa1533e3bdc56ea3ee533f8a053c3b4e5
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 324KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 167KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 392KB - Virtual size: 389KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ