9763c8b51d542a4596e73d1da4177c2dfb3968eeb498675c3ffb7df37a3b4a53 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9763c8b51d542a4596e73d1da4177c2dfb3968eeb498675c3ffb7df37a3b4a53
Size

139KB
MD5

50e1419329387e162a8e069f580243d0
SHA1

8d62fec5959443e02ac0522133e08d8fc236bce8
SHA256

9763c8b51d542a4596e73d1da4177c2dfb3968eeb498675c3ffb7df37a3b4a53
SHA512

e56bb982ab38970cfbff7cd254ac97884b5a0edcad6c49fe81bf4401bf5e49db023cfc4a147fba3eb07ddc1462ea9dc74a60cf11cec19b37fbcd1e419e64487c
SSDEEP

3072:Oc03SwxbV8D+r7XuJNMj1zMKeNDCmJ/Bdy7dgA/g:zUtkD+r+M7gDzJG7U

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

9763c8b51d542a4596e73d1da4177c2dfb3968eeb498675c3ffb7df37a3b4a53
.exe windows x86

e56eb1638c18fd892613bdd21f294fdf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA

msys-1.0

__errno
__main
_ctype_
abort
atexit
calloc
chmod
close
closedir
cygwin_internal
dirfd
dll_crt0__FP11per_process
exit
fchdir
fclose
fcntl
fflush
fprintf
fputs
free
fstat
getenv
lstat
malloc
memcpy
memmove
memset
open
opendir
printf
putc
qsort
readdir
realloc
setlocale
sprintf
stat
strchr
strcmp
strcpy
strerror
strncmp
strrchr
umask
vfprintf
write

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 604B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE