6438bfd09c3dcb503f56fe28a06256b848b152e3d285c20864988855b6e60d1c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6438bfd09c3dcb503f56fe28a06256b848b152e3d285c20864988855b6e60d1c
Size

1.0MB
MD5

fc8179a7cf3014e5431177050c5d452f
SHA1

8edad9e27879732e9fbc2f1dbed97fe057029887
SHA256

6438bfd09c3dcb503f56fe28a06256b848b152e3d285c20864988855b6e60d1c
SHA512

c4398a7e3422ee09ae29d4268e6a3d097dbcb3bac94d255fb065e20e31a83b502f0b9de351c692cb9d94e6db61098ca1dfc81d856d8422b308a9c1c8d7cb73eb
SSDEEP

24576:MFdjWAcBaYNBZFR90iO5dPhpkvdFkR3b1WDl4zQUMkQ0bBCg3BwH:aqna8RbCpkv/k15WB4zxQ0bL3C

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

6438bfd09c3dcb503f56fe28a06256b848b152e3d285c20864988855b6e60d1c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 196KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 208KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ