f39b797866ccc75687e82956318d16bf8c116bcd8f82b5275cd3291f31a1b4f4 | Triage

Sharing

General

Target

f39b797866ccc75687e82956318d16bf8c116bcd8f82b5275cd3291f31a1b4f4
Size

717KB
MD5

bad719f16ef7584e9bf5902f9ee31de9
SHA1

a919f93cf13a4b8d132ef8590aa7748fc0bae2da
SHA256

f39b797866ccc75687e82956318d16bf8c116bcd8f82b5275cd3291f31a1b4f4
SHA512

be1a7b53484ed806f78ddabb0f66c5bd782d94c16f359a8d3ba7af72347869f0f315bc1a4fe439dbe8c8a92188ebe273f164fb8f0d0a6cdac32752facc1d08d6
SSDEEP

12288:2ZdYPxzvBDtU1iHSrWNWh5dIlUoSzGpuOkY0a8NLnhphc9E:xByiHSrWNWh57oSzGpNHMDhpl

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

f39b797866ccc75687e82956318d16bf8c116bcd8f82b5275cd3291f31a1b4f4
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 685KB - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 812KB - Virtual size: 809KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ