6d0f07498aa4147cbb139c4ca9b1624e13115617301d3fc8a73c5cdef138c35c | Triage

Sharing

General

Target

6d0f07498aa4147cbb139c4ca9b1624e13115617301d3fc8a73c5cdef138c35c
Size

1.2MB
MD5

93d0755615aa3be17056c9f115ae82fe
SHA1

e4b8a34e53c1eb0bcd7fb0fe40633d55e91c4764
SHA256

6d0f07498aa4147cbb139c4ca9b1624e13115617301d3fc8a73c5cdef138c35c
SHA512

deee458df597fc68165ef28e3b01ba3612a8a988fe6f32d9a1731b4c0651d891aef7e2b33d9b22d8d19c366dce46e4b07cebe41959f3391ad2608c3f30a33489
SSDEEP

24576:ZpEB8JpL7xLY2UcEEHEAPcAxe0MUOT62c4lTnRnke4aYt42f2Z8dY9:TD22Usjfhp2TlTnRx2W9

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

6d0f07498aa4147cbb139c4ca9b1624e13115617301d3fc8a73c5cdef138c35c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ