file[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

4.3MB
MD5

fd7c99840a8a0c74eb7b1420aacb010e
SHA1

dd89248d95ab45261b9549b18e7e6a7618f82327
SHA256

677817a0182db451275cf23a4c1b96bb9d00ca6c3c50b244723bc6c0ef96b219
SHA512

24ca7b50aca89562cd5ec2a65530066b43d06a3083d524ea34aed2fd26a34842518c276701212538c6f5e9c43bf81838feb82638b417f1de026b167bb360c214
SSDEEP

98304:1rQR3Nb+4KKzahDusI5+c2dodQDtXvirn+ri:6x+4PzsDTI5gdoWpM+W

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

file.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 10.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE