89b75c01f94d45fd30a8a612519a947b3a18e676a1a82685bd2befd229a00664 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89b75c01f94d45fd30a8a612519a947b3a18e676a1a82685bd2befd229a00664
Size

346KB
MD5

0a052fdf8cae1ab22d40be19b65c1db1
SHA1

91bd6e64e735d51c78fcc7eb38e40da810b4209f
SHA256

89b75c01f94d45fd30a8a612519a947b3a18e676a1a82685bd2befd229a00664
SHA512

f8c82bf1804a6970d4933d6e03250e74df73facab5a1673f2d799cddfb7f0e60e5bd03052a95faaaa0d7af78d79db4a1d326880d7eea9856111c7fad80558333
SSDEEP

6144:8xMenzgHCgHgKBD6YEx+S56s5Q6itDbM+w01vfPzTY+LgA4lHFxUUjiR9:8xZ4CgAOVEESEs54nMi1nPVLgrFxUUji

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

89b75c01f94d45fd30a8a612519a947b3a18e676a1a82685bd2befd229a00664
.exe windows x86

647b2d25b4821905b4195ff7a6455b54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress

Sections

UPX0
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 342KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE