f2871d644622c8c1fb66d9832b7b56a1256c9cd45b527feb81f3f8c84a8a0b92 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f2871d644622c8c1fb66d9832b7b56a1256c9cd45b527feb81f3f8c84a8a0b92
Size

164KB
MD5

82e97d7de3e8b29da6f0a87083f43df0
SHA1

b8c6af4d36129c89b071b2e44854d5bbbf849249
SHA256

f2871d644622c8c1fb66d9832b7b56a1256c9cd45b527feb81f3f8c84a8a0b92
SHA512

0d66519e01ce7cee5ace631f66e2edf30ded7f28a301b9715cdb319d33807aae82adb755f522cb90dd1a5629eb58fb3d38e2d1dc9ed1481cd2b9f436a8d828c4
SSDEEP

3072:G6pRxD3Ux5sGPrh8qiAA7WF+6aLK2IJqi6uS+gkDstXKJVhI1zgNaN7rx:BRkrhnBFJVKtl

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

f2871d644622c8c1fb66d9832b7b56a1256c9cd45b527feb81f3f8c84a8a0b92
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ehfweao
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 140KB - Virtual size: 140KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE