efa7ceab667e93bc26ab1fb421fbaa99fd6b20fb5de200b65be047ba66750d4c | Triage

Sharing

General

Target

efa7ceab667e93bc26ab1fb421fbaa99fd6b20fb5de200b65be047ba66750d4c
Size

1.8MB
MD5

a0a9f2b5a1e7ed2fdaec4ec2801ef868
SHA1

49f9e3b9221bfbbbc8b91145ff9eef1c91984101
SHA256

efa7ceab667e93bc26ab1fb421fbaa99fd6b20fb5de200b65be047ba66750d4c
SHA512

3d8e4e7066e7c7ec9e3d7405cf8344863e6493ea49d2eb7cd434d2a55385efc5803a25b771061a6143e21ba45736102fd7df8351ea5937275f100661e60f0927
SSDEEP

49152:U8a8z8i+8a8z8iR+V8tgJd8C+V8tgJd8h:N3R+CgaC+Cgah

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

efa7ceab667e93bc26ab1fb421fbaa99fd6b20fb5de200b65be047ba66750d4c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ