df9ee83f2582d5c804bdbd291db45841db1f1458e0f30b071003cb9235a754ff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df9ee83f2582d5c804bdbd291db45841db1f1458e0f30b071003cb9235a754ff
Size

205KB
MD5

823318657fa12f0e21e440141b3193c0
SHA1

323a06e89f75d2750d9d711df18719fbc88e08cc
SHA256

df9ee83f2582d5c804bdbd291db45841db1f1458e0f30b071003cb9235a754ff
SHA512

29bd982e0bb29ac943eae2e2f31db1446fd7d339df92d2284538e1fc0b483c536a5b8ed179c2510d6bb1ce2cdeed5455713a972a725e0db68417ed6ff3739225
SSDEEP

3072:KQa7k1f8PqJ4+Nv1xZmLlQjk4KJLiSfoxFxx1hjr8MG1D0Vz3UnSKalIsyC9cj:KQa7kWPqFNtQkk4KlZfoft5QuGnSK9B

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

df9ee83f2582d5c804bdbd291db45841db1f1458e0f30b071003cb9235a754ff
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 344KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dspack
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE