929b68c249a4addbe1fe6e19865b7ce868c00ac49d2df1db8f159a5ce0688bbe | Triage

Sharing

General

Target

929b68c249a4addbe1fe6e19865b7ce868c00ac49d2df1db8f159a5ce0688bbe
Size

4.8MB
MD5

6d1c4e5c30f498e2f01defa3866f22ee
SHA1

cf7b1301ae7a2909b5d1d8f95ce63b9028ae4bf8
SHA256

929b68c249a4addbe1fe6e19865b7ce868c00ac49d2df1db8f159a5ce0688bbe
SHA512

78ee316dc7c4229fb7b81562ab7964b048add1ea732159e9479d3a5d9de160996d3fa88c99c2030825c63e04a688ada4a72eaa55df17de543cefe202d113f8df
SSDEEP

98304:BnsEjHMmH+xmSsydz2PHo6fXxyVVVt2rvlZ8GNd62216coznYrhU0hMsG9R:BsYr+xmSskiHo65yLVslZZHNYDMsGD

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

929b68c249a4addbe1fe6e19865b7ce868c00ac49d2df1db8f159a5ce0688bbe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 532KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 995KB - Virtual size: 996KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ