33056ff5c6d31d62b4ff27fa7c1b711bc1f21052233c79ea4e75e0e9d995c83f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33056ff5c6d31d62b4ff27fa7c1b711bc1f21052233c79ea4e75e0e9d995c83f
Size

192KB
MD5

0c2682a537b171cd7018ddff42716a92
SHA1

73938eedb77c0074d2991dd9f60d1b734608f22f
SHA256

33056ff5c6d31d62b4ff27fa7c1b711bc1f21052233c79ea4e75e0e9d995c83f
SHA512

200ed7af3aed9ba4f2a1df4faf286d639288490745dcfef10e70c04ab6c5372b2562d135c1166edeb1ab3b99a163ba5725156f876f654b84d0e038a81f7fd47b
SSDEEP

1536:QBtPpmbdPHjQ1NdnIJIeo+G6byTQlFJhUjyV:QbPeJQ7mJdPG6bDFJwyV

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

33056ff5c6d31d62b4ff27fa7c1b711bc1f21052233c79ea4e75e0e9d995c83f
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xbgtims
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE