f582de558df252ff4e6a1d00a72f90403270c38a2f48b56700227d15c4a0ca21 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f582de558df252ff4e6a1d00a72f90403270c38a2f48b56700227d15c4a0ca21
Size

40KB
MD5

17cc0980fa746ce5a02105ee04e481b8
SHA1

048d8634f080c2f23465c24ea02b6fb1ce078e71
SHA256

f582de558df252ff4e6a1d00a72f90403270c38a2f48b56700227d15c4a0ca21
SHA512

1166443ed41e347a10c5b25b9ab5b311ef9ada0ee1ec19263b179a1d27049897d88799a4c878e32d91a45b749d7fd1fb78c8fa2ac487a8b4b5783441cc6b4aa6
SSDEEP

768:alF2hvL8Yz0jB2Xy3UrJwe10z9VdNIzmEjg3ljK/CK5F:alF2hDDz0dKy3UNwe1ydCTs1jcCCF

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

f582de558df252ff4e6a1d00a72f90403270c38a2f48b56700227d15c4a0ca21
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ