838fee833c45caeaccd27d33482a86b05a1e43eab04bb1a91437befe182af731 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

838fee833c45caeaccd27d33482a86b05a1e43eab04bb1a91437befe182af731
Size

548KB
MD5

746d24cba503ca61b794d5ca3f1c5cd0
SHA1

f1603dfb1dcce51a5ae34bdae317bb31e362524b
SHA256

838fee833c45caeaccd27d33482a86b05a1e43eab04bb1a91437befe182af731
SHA512

e529e444fd63a541267d9e9000d96dd642fde087e438db604b25bf5e2e8989305e13c274ba4b5dea96dd672fa49aa68a0109d82574aecb74721796f43cceb874
SSDEEP

12288:yGZ8bdUvpOVtvfKtTukRyd9Z1Ja/RYefai:yGZSUvpg5mLRS3apYeCi

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

838fee833c45caeaccd27d33482a86b05a1e43eab04bb1a91437befe182af731
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 324KB - Virtual size: 324KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 187KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE