05183bc574935d9f2064def147b9c2d9f806be358fae406ed068c3ff674dc575 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05183bc574935d9f2064def147b9c2d9f806be358fae406ed068c3ff674dc575
Size

79KB
MD5

03378a9396585f627ce8287bf6a2b7aa
SHA1

dd9f0432a7d536bbd67dd8fc11e4b3d59ddf69d6
SHA256

05183bc574935d9f2064def147b9c2d9f806be358fae406ed068c3ff674dc575
SHA512

baa9b806aaf3687611a47a69ec6449fa60fedda3b4d04aa8621b158366d844607a5a30a5ba564cb538a2fb41d3d53df849e01492bd7aae0d35cfa7b0bd13d1c6
SSDEEP

1536:yY1Mq713r0DaQvP991cMJna6toLOkr9DLeR/e+NLlsjSy4Dm4ocrMYP:yYKG3r0Dacv1ccq9DKR/vN56z4DQy

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

05183bc574935d9f2064def147b9c2d9f806be358fae406ed068c3ff674dc575
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE