04d10b13dbe43d687c3a85d38e9efce0fefdd0168d4f2e47eb40637995e1062e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04d10b13dbe43d687c3a85d38e9efce0fefdd0168d4f2e47eb40637995e1062e
Size

546KB
MD5

829ae8cb95a3737cf7504d9301a43e73
SHA1

870bc3a4718d761c7c21d95ea484de3f8d4e8430
SHA256

04d10b13dbe43d687c3a85d38e9efce0fefdd0168d4f2e47eb40637995e1062e
SHA512

1da813b45501084ff1effc6eaf9ed5e250f43f27d0d3808a4b57b1671ebc5966611420d9955cc46c0b0aca82bb98b4e5697935a95f95b8bd85027ff86334c364
SSDEEP

12288:UmhkKObZpbBFwjuVYY/mP/EZWVbYyD+S+:jV2BFwjR7PMa

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

04d10b13dbe43d687c3a85d38e9efce0fefdd0168d4f2e47eb40637995e1062e
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE