16bac676c30b0be17c82b8f1d9c838faf0ae9945e908498e1fdea67c89a5e6d7 | Triage

Sharing

General

Target

16bac676c30b0be17c82b8f1d9c838faf0ae9945e908498e1fdea67c89a5e6d7
Size

102KB
MD5

0de515a0f6da1e589f9f67079012bb50
SHA1

107fcb46514dfc66e3a926079ddafdb7d28dc25b
SHA256

16bac676c30b0be17c82b8f1d9c838faf0ae9945e908498e1fdea67c89a5e6d7
SHA512

d8a6a8e4c23262d184a3188504c6f9db8917ee850d0c12aa0ac57753eb9d7d6ccc09e369f16f1b7cf8dd68c028dc012248b9df8350db6e2d1262f2ab34aba5da
SSDEEP

768:J5vWtaVAs22ri42NJfPrQUYInJgm6uvF5BMCa8d:yzXoi42XVJd5u8d

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

16bac676c30b0be17c82b8f1d9c838faf0ae9945e908498e1fdea67c89a5e6d7
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ