fa75f5e2aa6c5b99e76a2529c59f88a093b1ea4e8b8ebae5f32bbd317606e724 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa75f5e2aa6c5b99e76a2529c59f88a093b1ea4e8b8ebae5f32bbd317606e724
Size

122KB
MD5

0e22a9def3b417ea4c7f9a142aad132c
SHA1

0febbe6c134181c7ad177fa55339f425d6c82131
SHA256

fa75f5e2aa6c5b99e76a2529c59f88a093b1ea4e8b8ebae5f32bbd317606e724
SHA512

d0719e0296cc84f02f1c1b7ef523e4e479f04244b9c575aaf596f2ff5ab84c42ee819efde60ccf180447cae38c0bf09e5cb37e1382a4cd762dd6b7a1ea03a2f4
SSDEEP

1536:UQoCtrPFES5hBEKyw3qzsfhfFlT2ZOcmFa3hd+g/H37QbSb9LNadohC0w:UytrlBREwZN8OcIaR3X7SSb96ohCB

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

fa75f5e2aa6c5b99e76a2529c59f88a093b1ea4e8b8ebae5f32bbd317606e724
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 260KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tbtzaqh
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE