666f7d3c3a2ab01bb8435048e030ffb7ae677b151b87578d1b8b9de39fef5d2b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

666f7d3c3a2ab01bb8435048e030ffb7ae677b151b87578d1b8b9de39fef5d2b
Size

30KB
MD5

bd3528ca94da9683cba895a6946c68f1
SHA1

bda4bc7b58fdde24c284251a969c6612c6039173
SHA256

666f7d3c3a2ab01bb8435048e030ffb7ae677b151b87578d1b8b9de39fef5d2b
SHA512

31d76d616dab5328ae3486ffcb348ce9d70be40361da6fd3309c6fb1b8dfb2816cce5d9d1a1d0315a7f85be343f393473f2d40a96bd65a6118ddc445426af21d
SSDEEP

384:FZcpzCIqdG3A3WUkx38GZDJuJbf1+o44u8gHzUcPaHpNTwmZ5jD1z6rpV/9qA6c:SCIqdH/k1ZVcT194jp4lHpFwmPI59

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

666f7d3c3a2ab01bb8435048e030ffb7ae677b151b87578d1b8b9de39fef5d2b
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ