80e67f9f3aeb24f197f31f8612c7dbfcef708653ab7185c50acd068df129631c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

80e67f9f3aeb24f197f31f8612c7dbfcef708653ab7185c50acd068df129631c
Size

279KB
MD5

e4ebe9a3b55eb450e525a35f65ad5f7b
SHA1

e08385c6354cbc19177b79c641a0425989879739
SHA256

80e67f9f3aeb24f197f31f8612c7dbfcef708653ab7185c50acd068df129631c
SHA512

1d4a87cc84bfcd314c34fcfe863c94c5b63521e66b4aed783bdc33b5e33f56028601e4a1c7ba9b4d63dbe6698d6e703dadfec12bc1d5d8c0b891fa2cdafd954e
SSDEEP

6144:XP0ImLs77ou6VhA9+XgIrNJxSxnryekL7A+kaHN5mY1JX:XPiLk7ou6VhA8wMxSxn/w7fk4bm6

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

80e67f9f3aeb24f197f31f8612c7dbfcef708653ab7185c50acd068df129631c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 277KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ