e84262a2eded1a4b2e1d08eec65e8867ad2636fc18b3996f30dab0a7716e0b98 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e84262a2eded1a4b2e1d08eec65e8867ad2636fc18b3996f30dab0a7716e0b98
Size

407KB
MD5

40082b875a99f5ee25dd2ccd1855b910
SHA1

c7bf7999fdb80aae4999cfae3514d294a6e88b51
SHA256

e84262a2eded1a4b2e1d08eec65e8867ad2636fc18b3996f30dab0a7716e0b98
SHA512

a404970537778e528310ab979f74bab2b4a23c8dcb4aa5f90e5fb4f9754d77880d9ea33da99eed36a1018728b57ed423698d1e5779fda59f302ed4263d60c766
SSDEEP

6144:FkUW4PFUxkfsWYUc3wWtY4I4vTIZ6z37YyQYxuY+1bDGL6S69uqIY:CyK+Ro3wWtXI4vTjMyQ3Y+Q62qI

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

e84262a2eded1a4b2e1d08eec65e8867ad2636fc18b3996f30dab0a7716e0b98
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 2.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 339KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ZC
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE