1d7bc650136085a7246454b23f608a4017f14b0d924979db9786829167ac8212 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d7bc650136085a7246454b23f608a4017f14b0d924979db9786829167ac8212
Size

241KB
MD5

05a0a9f94fe2e539e66d341a67a3e83d
SHA1

3b3a1dd06870e923e96aa9cbd75b157cf7ff90b6
SHA256

1d7bc650136085a7246454b23f608a4017f14b0d924979db9786829167ac8212
SHA512

ac1d33a73bda65fc0d07e87bd33c77ee174120c6687e765d215d51e05bff148e8a99a8812b32012178f91fdc48712049179c244c55dd086423eee5e06976d4e2
SSDEEP

3072:l7fv1irq+0C0J3wRfJhqGXfR+WqRXPVepDAQIkMTedHu2NItXyrgnPqIlPmeA2qH:lT9+g+j94Wq6JAQId0HoyUnioAE+e8z

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

1d7bc650136085a7246454b23f608a4017f14b0d924979db9786829167ac8212
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 211KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ