61891b132409b4c1ec33a87e003f4644f3d29d06ca25a066280ad8ff97f81032 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61891b132409b4c1ec33a87e003f4644f3d29d06ca25a066280ad8ff97f81032
Size

391KB
MD5

c11f7b458413a86df8df13b8bbc75e59
SHA1

5ffa0ea83f46882094a5b71a6d03d37841d42af1
SHA256

61891b132409b4c1ec33a87e003f4644f3d29d06ca25a066280ad8ff97f81032
SHA512

9ad23d6f21ad7f090c285bf05d29014830753d84f5c7c9803b2c2f91138cf3c91efe71644535f18ab5bc5a500d5263eba2cbcc62f572a4c37cb91e026ff6fda0
SSDEEP

12288:4dNRytMEf3TlIZTVoDnLuYh1ErIPDg7o:46f3TlZzh1ErEDg7

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

61891b132409b4c1ec33a87e003f4644f3d29d06ca25a066280ad8ff97f81032
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 716KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 375KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 504KB - Virtual size: 500KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ