88eef7f5bf64a6977819ad7ec487ccf850b442ed8793ff4b9a34392083b4efa5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88eef7f5bf64a6977819ad7ec487ccf850b442ed8793ff4b9a34392083b4efa5
Size

321KB
MD5

90314b726d311b4aef0252d3529a7140
SHA1

4cd85533182aaa224f6155c43bdad597494771ea
SHA256

88eef7f5bf64a6977819ad7ec487ccf850b442ed8793ff4b9a34392083b4efa5
SHA512

2cde7e66eb80306919d1c261ec44e882e1fa0e7b4bfb38edbe92ffe81f23c2dd9515147d195eafe3c7d37c52c59e9e281ea62326e90e28d23ea6446d474daac7
SSDEEP

3072:9uHUJU+1l8nSCXOKcSZfuj014yxCAeEYs9a3nGtg0d50pnjdWsCbcNJL+HCYz:9uHIU3SCXOM31Gs48xmj0sFNJL+

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

88eef7f5bf64a6977819ad7ec487ccf850b442ed8793ff4b9a34392083b4efa5
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 376KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 168KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SUPX1
Size: 64KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE