c61888d55814e04441074e55942781b52dc69864611c2ec4b55ed2427151201d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c61888d55814e04441074e55942781b52dc69864611c2ec4b55ed2427151201d
Size

396KB
MD5

96a9538dd08c0d14dedf9851ec56bd57
SHA1

6936c02b0bfd4835d0cae9d819cae6b874b3f7dc
SHA256

c61888d55814e04441074e55942781b52dc69864611c2ec4b55ed2427151201d
SHA512

5ffb1b49c9cf7aecf70d9918a0a4d7e7657fa963270a7bf852f7d5a461399de1c79b9bac69ed64b24611fde9ca025cab0a30e6a8b703a38fff14fb86ef240bf9
SSDEEP

6144:gtqzvEpjKI/E7bdLKhFsFyD1nX2l8pMlpvkoSDXKB4h6l9hm0ST29:aqDEdsvk0CF2l8pCvkoSi4qhmJT29

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c61888d55814e04441074e55942781b52dc69864611c2ec4b55ed2427151201d
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 516KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 300KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.4UPX1
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE