863f64957438bd994e50a25f8d39cf8819cbe6af18975a7391c30a29512e6897

General

Target

863f64957438bd994e50a25f8d39cf8819cbe6af18975a7391c30a29512e6897
Size

245KB
MD5

8f0a6f5f2c5c3ae12527867a0ddeb57e
SHA1

66d7b291f2a83645d6391fe84fd0ad6782f3f04a
SHA256

863f64957438bd994e50a25f8d39cf8819cbe6af18975a7391c30a29512e6897
SHA512

1e51c8ee9027f8ca0f89258fae70c054b0e7db17dbbbd9cdbe0900becee791f92ee492dc47596792aa05e7e563b8e3a3f654e0094054afec65843eebcb4a77d0
SSDEEP

6144:25eYrPCnvIm7NMRTZpaPxXgzp2LJmzzWwg+mtpRY9I5tx:MrG4RTZQPxiNOH+mtbYm

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

863f64957438bd994e50a25f8d39cf8819cbe6af18975a7391c30a29512e6897
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 243KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_UP_SYSTEM_ONLY
IMAGE_FILE_BYTES_REVERSED_HI

Sections

TU��/��
Size: - Virtual size: 913B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

� /�Q5�
Size: 512B - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�Mpq��
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

P�\u^)
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

}W*^L.��
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��l�Q��
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

J��%�k�W
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 116KB

UPX1 Size: 243KB - Virtual size: 244KB

.rsrc Size: 1024B - Virtual size: 4KB

Headers

File Characteristics

Sections

TU��/��� Size: - Virtual size: 913B

� /�Q5� Size: 512B - Virtual size: 3KB

�Mpq�� Size: 193KB - Virtual size: 193KB

P�\u^) Size: 1024B - Virtual size: 1KB

}W*^L.�� Size: 2KB - Virtual size: 2KB

��l�Q�� Size: 134KB - Virtual size: 134KB

J��%�k�W Size: 1024B - Virtual size: 528B

UPX0
Size: - Virtual size: 116KB

UPX1
Size: 243KB - Virtual size: 244KB

.rsrc
Size: 1024B - Virtual size: 4KB

TU��/��
Size: - Virtual size: 913B

� /�Q5�
Size: 512B - Virtual size: 3KB

�Mpq��
Size: 193KB - Virtual size: 193KB

P�\u^)
Size: 1024B - Virtual size: 1KB

}W*^L.��
Size: 2KB - Virtual size: 2KB

��l�Q��
Size: 134KB - Virtual size: 134KB

J��%�k�W
Size: 1024B - Virtual size: 528B