79e16cfa26b50b4177afaea3a67df65c623628b0ea7bb26fff87b73f4b0f78f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79e16cfa26b50b4177afaea3a67df65c623628b0ea7bb26fff87b73f4b0f78f7
Size

130KB
MD5

9163f329b4a6438175fa3f0a50c38840
SHA1

8fcf7b512db864d4e30bf57a841443bbf0dcd135
SHA256

79e16cfa26b50b4177afaea3a67df65c623628b0ea7bb26fff87b73f4b0f78f7
SHA512

a777f89074705eca6d90b261411ae68ba30f0663897625721820cd84e0b2f91414d4fff0ea1828e15b39275c5907b46187e2c521b30306903392d7fcbe74e94a
SSDEEP

3072:TZN8X8AYKPhlc5HnnigbjAXKzkbTaQDMgEM1Ju2Dw:TUIS85HZqKgX5ldJLE

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

79e16cfa26b50b4177afaea3a67df65c623628b0ea7bb26fff87b73f4b0f78f7
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE