2b2e54825534b4e24e12d47b9fbf0141b0f4e206ab5a0d462341585133061291 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b2e54825534b4e24e12d47b9fbf0141b0f4e206ab5a0d462341585133061291
Size

30KB
MD5

1b41e2e9a1d0741105d440d64a5ff9b0
SHA1

5cd1fdd71dfa2b4f23a1a99bcb82e44d45d33434
SHA256

2b2e54825534b4e24e12d47b9fbf0141b0f4e206ab5a0d462341585133061291
SHA512

6a09535d9c900d6f33dad45739a67ec10ca6485be1848c7da7e2120d206d6053db975db2ae84f2efa93dee1c0b08570a4d6efd601ed53e3cf0c7d2671dbf067e
SSDEEP

768:ZaMeH1xyxoTsC+S2ZWEAOPJFo7LDc+LAfh7hC145:oMIvyxs+Srxazo7vc+LAp7Qq

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

2b2e54825534b4e24e12d47b9fbf0141b0f4e206ab5a0d462341585133061291
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE