dde283e6d4b2fb1f6d05a6a565d99d27d6522a82d47953bc541166ac3f1b5072 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dde283e6d4b2fb1f6d05a6a565d99d27d6522a82d47953bc541166ac3f1b5072
Size

353KB
MD5

0932d8070c168e4a7565132eb4f6f74c
SHA1

77b002b51e1ccdb6fa9f13b1822fe58bd9c66901
SHA256

dde283e6d4b2fb1f6d05a6a565d99d27d6522a82d47953bc541166ac3f1b5072
SHA512

e977b2ee07ce544a4dee8ecf9cff57c6b2f77c8b9b401ca9c9e840b8f15d620cd93e567cacc571738a08cce6c6dbf29617a1566004740993b4bfc0043c833505
SSDEEP

6144:T4PKmD46+IOfxOzcJfG4E39Z25Sk6rOnjhOVTrsWJfpHBP33kfGUHKE:hp6+IEUzafvIP25StccrsWlE+ih

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

dde283e6d4b2fb1f6d05a6a565d99d27d6522a82d47953bc541166ac3f1b5072
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ