a06766e3e4b68b7141bb27609de763a1c0a4501c72148a85b0c6b8b432bc4585 | Triage

Sharing

General

Target

a06766e3e4b68b7141bb27609de763a1c0a4501c72148a85b0c6b8b432bc4585
Size

366KB
MD5

e490a8be9e83ae1aecad559ac80de688
SHA1

4c5c50060f09ec5b35f193f36fd073c5951e686f
SHA256

a06766e3e4b68b7141bb27609de763a1c0a4501c72148a85b0c6b8b432bc4585
SHA512

02156a079ce312570b9eaa4f60b13e4540a07e945724a70db7bad9ec816e9dad2f045dfc507c2934633cc32104cb92e79151fe811f480a05d4176f3b8e01a719
SSDEEP

6144:+JR9/g99J7VLZdQ34K7O6aW3a4NOlB+4GaYY4hTcVbbKYSOy4IK9n07pPff4H:a/g/J7ZZu346aG/NoB/ohIU6+1PH4H

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

a06766e3e4b68b7141bb27609de763a1c0a4501c72148a85b0c6b8b432bc4585
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 728KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 355KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 604KB - Virtual size: 601KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ