17a49cb1da3163c2397c70cd94c0ef2d1bcfe92bb90dec57d56bd0d1df6a447f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17a49cb1da3163c2397c70cd94c0ef2d1bcfe92bb90dec57d56bd0d1df6a447f
Size

111KB
MD5

0df24a09b60ec96f1111c0f1945ae410
SHA1

141820d334c224db38cfcc30e9ef7e788764c9d1
SHA256

17a49cb1da3163c2397c70cd94c0ef2d1bcfe92bb90dec57d56bd0d1df6a447f
SHA512

11075875bcde23de99d9e8a486e089a39526afd5250ab7692b1687c1ba535a6848bf7d2785bfcc73c9cebeb1fe9d45a7772f7ac56aaae2ec2e39e7a6b194c259
SSDEEP

3072:TROzoTq0+RO7IwnYg/+GwKnd1IpY4JVBT0:1kdNwBX6YALT

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

17a49cb1da3163c2397c70cd94c0ef2d1bcfe92bb90dec57d56bd0d1df6a447f
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE