c57bff0e8015c7607fb0bd7ce0212f4d5dfcce0935b2328e71b4a136ca27a241 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c57bff0e8015c7607fb0bd7ce0212f4d5dfcce0935b2328e71b4a136ca27a241
Size

83KB
MD5

7d9fea7d72760c36085d0c4afaefbfc1
SHA1

36703ee89e0b849267406b226f11436f58cc968b
SHA256

c57bff0e8015c7607fb0bd7ce0212f4d5dfcce0935b2328e71b4a136ca27a241
SHA512

27b5ce9253c865668caba36c1a54a5b25ad34a6caf1fdd87bfb2f46848768f0c324ddaa89cdd5756541f4e01fefeafbf7108077052d412bff5a1c5ae3b82ef36
SSDEEP

1536:RCRaJvJbfFDyfRsnr8ptA+mapn7XNyZi0Bdkc4Y0jVV7b7u9leP4VVbCRHBI2qOE:kRaJHOfRcr8ptA+/CiWdkPY0/7bela4V

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c57bff0e8015c7607fb0bd7ce0212f4d5dfcce0935b2328e71b4a136ca27a241
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ