50cdda80b79adfd898fda4a6a4fb3fc11a15d1f02cbd40ce2fc82a588f145971 | Triage

Sharing

General

Target

50cdda80b79adfd898fda4a6a4fb3fc11a15d1f02cbd40ce2fc82a588f145971
Size

346KB
MD5

0774f86673984c0cda7d77a1705686f7
SHA1

8ae394f9818dd1ab7fe9aaad3eb4c03283165f92
SHA256

50cdda80b79adfd898fda4a6a4fb3fc11a15d1f02cbd40ce2fc82a588f145971
SHA512

4fc1154f867427df507e62af3afc57f0dfb8833ecc28aa794c7b3bc7fa0b0072282eef2076ce1f923014d896fd14efa9f699466f110d7bbb53ef51d4e8de66df
SSDEEP

6144:M0SOUUWLdVzJE0KQmwu3saKByqG0Ogj1+u01tzlsLYh84i891Gh:zSOXW7zrKQvuzb21+u0/f64z3Gh

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

50cdda80b79adfd898fda4a6a4fb3fc11a15d1f02cbd40ce2fc82a588f145971
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 376KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 109KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 162KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EUPX1
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE