25cdb17d430e077f5fd356a79f627ec09b97c7c04cd36f411a595c16d1fb1927 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25cdb17d430e077f5fd356a79f627ec09b97c7c04cd36f411a595c16d1fb1927
Size

425KB
MD5

07c95d841549fad2426f9bb128cd3880
SHA1

9cdd8258b7f5534cee0b0763dc617ec291c42ac9
SHA256

25cdb17d430e077f5fd356a79f627ec09b97c7c04cd36f411a595c16d1fb1927
SHA512

b59dd45d8bff8c0c87d19364b7512b3182dc3ec28695f056a905715bdc7cb09d80ebed4b384a5faa02a7d632c829626e2f762a384ff774aee4ac38431de4bb96
SSDEEP

12288:aaFZl18+2NQ0AKjmvg4gJSCAkYKooopcKxE:aK8+2kKjmv/CAkHhopc

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

25cdb17d430e077f5fd356a79f627ec09b97c7c04cd36f411a595c16d1fb1927
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 144KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 393KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

puxiwff
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE