c2ba3a690fc519dd40b2b974936eb6b5c9e70d90033694fb4f1044441fe50dbf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2ba3a690fc519dd40b2b974936eb6b5c9e70d90033694fb4f1044441fe50dbf
Size

385KB
MD5

e11d0bc9c2d35482b8be9323ac48cc54
SHA1

a081775055c474e9179168f64cd7ad61bdda1b34
SHA256

c2ba3a690fc519dd40b2b974936eb6b5c9e70d90033694fb4f1044441fe50dbf
SHA512

136fb06986f7a0421aba11656adac2163326201829bad93be4b14ce0c54ebf8e17129210826f7f252c29a5a356d9190f71a920790c1649e9fc25e95148d3984f
SSDEEP

6144:37UYntUlCVmbYiZEX2k+AxJj998C3r6Xpkrax/x8ml23KFm+MVouU9721/aq0h0w:LcEV8Z4J+3C3OjtSmaKM+MKuc7G3vI

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c2ba3a690fc519dd40b2b974936eb6b5c9e70d90033694fb4f1044441fe50dbf
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 364KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RUPX1
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE