0f77c917f4f9af487a3bd601a62b6bc38eae9dedce399beed05d6a4f4c0df888 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f77c917f4f9af487a3bd601a62b6bc38eae9dedce399beed05d6a4f4c0df888
Size

636KB
MD5

04f69092860788f9d55e51033f83a207
SHA1

88d42c4e364604c619098287c179862a3b1501ff
SHA256

0f77c917f4f9af487a3bd601a62b6bc38eae9dedce399beed05d6a4f4c0df888
SHA512

c94814be210163f1e1ea54fd265042a7ffae25eadf93cbcc7f687202bdade36815797021cb3552c198ea9cd329bb17820b070edd57ee755da18a189cc746e347
SSDEEP

12288:USNC80I+cR3R03VseuOtmjkO+ojUhuPLaakC2S8rBFCm0mW:U4ChZcRi3VseW1Qhuzf8NFCq

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

0f77c917f4f9af487a3bd601a62b6bc38eae9dedce399beed05d6a4f4c0df888
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 380KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rol
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bvgbcqf
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE