b0b17992d5701356c628be6299dd11aa729a977ccb2fd7c9aef40572ddfe9289 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0b17992d5701356c628be6299dd11aa729a977ccb2fd7c9aef40572ddfe9289
Size

321KB
MD5

c3d6f6729f2c261da518fb835ab81285
SHA1

047929ae2fdc7fb89f70e6ca86fd933f5e2303a3
SHA256

b0b17992d5701356c628be6299dd11aa729a977ccb2fd7c9aef40572ddfe9289
SHA512

0260344ce428624e314d4e1d25b284ade48f82c9e6ab4a7d36cebbf4fec3193671e8380ab12150bcf3a9b881a9f59ab38819187814e2a58de8f8385554e9cac6
SSDEEP

6144:fRT9A65pP1wlYgrN1y6V1X1RonMequ8+my5ET7VHMb3D90JvdKS:fA65XwlYgrHy6V17kr8+m73c6JQS

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

b0b17992d5701356c628be6299dd11aa729a977ccb2fd7c9aef40572ddfe9289
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 400KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 219KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AUPX1
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE