960d2f9cabc57e02d6353a6dc61846c6b04204073138c53dde855561367e0852 | Triage

Sharing

General

Target

960d2f9cabc57e02d6353a6dc61846c6b04204073138c53dde855561367e0852
Size

5KB
MD5

7e5ca4aad5666fb208d8d26678190c4e
SHA1

b0db3afdd6de34dcc700d2a31026f06fe25ab058
SHA256

960d2f9cabc57e02d6353a6dc61846c6b04204073138c53dde855561367e0852
SHA512

7059e5a77b7ea1bd35a47ffdab3d385f22b302f8b09227ba0dbb68b7768988457b6f913fe8738811eccec0ec9a64549a6ea5c49e9c990234ec244200e67adfff
SSDEEP

96:/Hyk2sZgKH+vAOsXlHqL2EBOlGKbVvh+nELJdcSW91r+boQd:vbAvAVl22VlG0LJdcz1Sbpd

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

960d2f9cabc57e02d6353a6dc61846c6b04204073138c53dde855561367e0852
.exe windows x86

410a1cf5e716ffcc50f66067129699ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenGroups

kernel32

CreateThread

user32

BlockInput

gdi32

Chord

ws2_32

htonl

Sections

UPX0
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE