a8e89fa704455295e1905fa869eb2d6ff516c08226f5e51eabe98099b6112920 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8e89fa704455295e1905fa869eb2d6ff516c08226f5e51eabe98099b6112920
Size

92KB
MD5

5d5b9b6ab0b3d29d6febbe940c2caba1
SHA1

cbbfd864bf6551711252444294a893d9c657617f
SHA256

a8e89fa704455295e1905fa869eb2d6ff516c08226f5e51eabe98099b6112920
SHA512

4447ef0cf0fbd09607f73ff0d5ce89521c4d2301f1f092f093690260ab1bcd611a46363b31712b48e25b28cd07b67fb14a8e3c7f1c9ef98475f76dad408d72f6
SSDEEP

1536:g9TVpmMi/HH5To4Do6dBKjKEk/s/HDhTzF/dv8T3c+WbruU/8Yx+:g3pDGH5no6dBKEMjxzldW3tOB/9x

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

a8e89fa704455295e1905fa869eb2d6ff516c08226f5e51eabe98099b6112920
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ