ef00f5ba9ff0e8af093f7dfd2fcc42328aef0c50a3148dd38a0c686cd8c0273b | Triage

Sharing

General

Target

ef00f5ba9ff0e8af093f7dfd2fcc42328aef0c50a3148dd38a0c686cd8c0273b
Size

336KB
MD5

92a5f21fdd86fd6ebd1be7dc1dac74ab
SHA1

333c588dfcdafbcd8ab492964529f2c4fb50ac18
SHA256

ef00f5ba9ff0e8af093f7dfd2fcc42328aef0c50a3148dd38a0c686cd8c0273b
SHA512

0aa2a54f9069e87e7b735c38afa63f49304be42de71e1007dd11e925eb6d2056facaf7a37f3f0c3ddf39400301bc9aeda08e8c7eba9a1f19364131921f374059
SSDEEP

6144:fYZTNk3D6LyUXwLLk+cR3qh0GQ43VJRD0ew+/UOV7KhkMH:fSNC80I+cR3R03VseuOVwkMH

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

ef00f5ba9ff0e8af093f7dfd2fcc42328aef0c50a3148dd38a0c686cd8c0273b
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 380KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NUPX1
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE