102aa737d88f2a3ee248146c914829fe06f6a3ada8b9e9b123e9be8a520b2a78 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

102aa737d88f2a3ee248146c914829fe06f6a3ada8b9e9b123e9be8a520b2a78
Size

236KB
MD5

3b86ccd796b9f1491ec56ef45871e723
SHA1

5db0da5a50eb539cc8b9ba2fa226bc8b6055190f
SHA256

102aa737d88f2a3ee248146c914829fe06f6a3ada8b9e9b123e9be8a520b2a78
SHA512

2ab354a1e124d2d93bf362f7af247c7457b90be903a6fa54d134afdc81e21faa08e00f664b851c6a1db558996149ded15ae005d3932d085ab1dbf97707e0d2a9
SSDEEP

3072:NOVQlMqrcPGU4KGJZ7RqbFu2I4rCUWMsAQlbEohFlQ/3z8jeFkrn:NOimq64gpu2zLsALorY3g6q

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

102aa737d88f2a3ee248146c914829fe06f6a3ada8b9e9b123e9be8a520b2a78
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 464KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 233KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 676KB - Virtual size: 675KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ