3b846517dbb3a67170fd1bdba81a156be50dc7518c76b5061e4033722afdd85a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b846517dbb3a67170fd1bdba81a156be50dc7518c76b5061e4033722afdd85a
Size

48KB
MD5

4155b1718af0e99d705977968e16633c
SHA1

d7fc43c5485a1c9a607bc2e62b975e7ee631e91c
SHA256

3b846517dbb3a67170fd1bdba81a156be50dc7518c76b5061e4033722afdd85a
SHA512

72eb73ce2da70afda6468f3122bae8212a61213f3a6263a9450f61b5264cb9b7b8b857f4baddba1f23d729e713cc609b0a3f5331ff3c710adaa7a8bf6692f3ee
SSDEEP

768:6h5htg+i5seX4Gcjgf9r6n1gNU3+LAoTU2QHhWdrsQrogM+ShNCHCDLISA5ir2Kj:6jAPoGcsf961gNUGTTzsQBM+BCDu

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

3b846517dbb3a67170fd1bdba81a156be50dc7518c76b5061e4033722afdd85a
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE