c6771787fb499f0959177866f5ebf81360e2a30e560f13876619c84f76d59ef4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c6771787fb499f0959177866f5ebf81360e2a30e560f13876619c84f76d59ef4
Size

455KB
MD5

54af5eb1fb99811c29a182f3301a96f2
SHA1

213d9ed2dfcea29b426fd40872bb255faa2ef6b9
SHA256

c6771787fb499f0959177866f5ebf81360e2a30e560f13876619c84f76d59ef4
SHA512

063d4878b101ea9cc59470def78a458eb8d87fa6f3e441dc3c91957f5c8fbb1dee3b2a7f8957b2f67196ffb20ed13b86282d3a1b3aefa6df35588e8339d1c90b
SSDEEP

6144:7lU0z+IT9X1uNIXjUbQ9BVkiBTwGrXjrIsGrsBcvPUlg/aB+y1QEWr7gw5cDEBlS:7pzfB15fxtBT1IsGYenCvH1QjnyEBaJ

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c6771787fb499f0959177866f5ebf81360e2a30e560f13876619c84f76d59ef4
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 688KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 394KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 572KB - Virtual size: 569KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ