cd252fb2fb34156c5e90c8bd2077911ff7bc3c841f480887b755ad649330e28a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cd252fb2fb34156c5e90c8bd2077911ff7bc3c841f480887b755ad649330e28a
Size

236KB
MD5

0d3a46c30bab07d03df649fa86e72010
SHA1

fdc7664c946600e905ae1e4f00e95f3ed1943b86
SHA256

cd252fb2fb34156c5e90c8bd2077911ff7bc3c841f480887b755ad649330e28a
SHA512

2d057a29d58e857748d8d7414abefcc71559073e4e5852a3e42614b64c36ab9098161672196c767ce6c26cf29edf4e240cde80d822ace7d362361c2855d3f9da
SSDEEP

1536:2n1vw0vAv+DOh3ZPKTp1EOwC3kHI2QouGr2gil4/+atfJ965T48nDcsH8RjhLM35:awaDOh3ZGoC06Gks6F/csH89fxYet1A

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

cd252fb2fb34156c5e90c8bd2077911ff7bc3c841f480887b755ad649330e28a
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 172KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RUPX1
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE