f9304e4001445b29c5268b0b78749939a6c5a5033533a843fc4ced8d272514a4 | Triage

Sharing

General

Target

f9304e4001445b29c5268b0b78749939a6c5a5033533a843fc4ced8d272514a4
Size

307KB
MD5

0b2eb4b8cc43641e1c47d8575584d8c0
SHA1

d99bebd40ea21b396485ddc417d93f22e015f6b4
SHA256

f9304e4001445b29c5268b0b78749939a6c5a5033533a843fc4ced8d272514a4
SHA512

19fb25b4caad67686cba5d8c126acf7859bd531a64d99fd611780e010adaf31c8ebd5b2d9c19319777487a9c65a97584b3d56831fb78f8614da461c978ad9a35
SSDEEP

6144:s1db49+rEg024fpLZazEjvE/rbay19tSt4bO2BaDmeBJe/ZVJy2k0vabW:sjkArEN249AyE/rbaMct4bO2/vLV

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

f9304e4001445b29c5268b0b78749939a6c5a5033533a843fc4ced8d272514a4
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 452KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 263KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jvstzyb
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE