911ab8568ba8ad68b18cd482cfac7ca6d7e727d5e2189c72ef016dc3e4fae874 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

911ab8568ba8ad68b18cd482cfac7ca6d7e727d5e2189c72ef016dc3e4fae874
Size

83KB
MD5

3beaf29846a5955fb30edc246eb15fc3
SHA1

4571dc4956ff4b0b4eba2ca6d1fb11bee82ff57c
SHA256

911ab8568ba8ad68b18cd482cfac7ca6d7e727d5e2189c72ef016dc3e4fae874
SHA512

35264aab2f26036720965773c254b3ea96ba037575c03742a1278db2d6e74cb7fdd49ac8ac8570eaf5c4c5d42d8a50e0e7e332c4b2bb7857a8d58dcf2a061961
SSDEEP

1536:cnKZViWUC/JV16uXKTVXxs7djVBM5DPQ5g:c0ViWhz161TE7dVeNPX

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

911ab8568ba8ad68b18cd482cfac7ca6d7e727d5e2189c72ef016dc3e4fae874
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 276KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

b
Size: 239KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE