52b67e36a2beb104d98f88486935448ae5e1fcba4e183eee5f01bda080da2cd2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52b67e36a2beb104d98f88486935448ae5e1fcba4e183eee5f01bda080da2cd2
Size

1.3MB
MD5

33e3a8d5c797e1dc2c8c345177440dd5
SHA1

d017b9d91f467606ad9e6192c41b898653d6ba9c
SHA256

52b67e36a2beb104d98f88486935448ae5e1fcba4e183eee5f01bda080da2cd2
SHA512

afcf76158f790c893840ba03a8465b3e7bf3b09a21f00fc1fe0a7f795ecc2a3f2e9b368c5370d36757de90df3a29cd9b5f14ba381838aed800ae30ecf93b128a
SSDEEP

24576:kdk2u4TxZLf92wav6bwzFBUV20yjsruDHbLx+W9Ggz:z/+Lf7aewBs2TjsruDB+

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

52b67e36a2beb104d98f88486935448ae5e1fcba4e183eee5f01bda080da2cd2
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 908KB - Virtual size: 908KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 384KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 621KB - Virtual size: 624KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 918KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 385KB - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ