cc88c6164623a7e9d332e5cbb97409aefc4b377407dd0f0d53d9765e9210e39d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cc88c6164623a7e9d332e5cbb97409aefc4b377407dd0f0d53d9765e9210e39d
Size

2.6MB
MD5

ca0fecc347a7feac689a622df6a49e8e
SHA1

a096b72529aaa983a001eaaf0c1852e2d587eb61
SHA256

cc88c6164623a7e9d332e5cbb97409aefc4b377407dd0f0d53d9765e9210e39d
SHA512

b94d3c6e3a49d79b186e9cae24901da0e32b83dabbbd9863127c1b8ab4cd776d0840f28af8df3d1f39e4da2d6fde868fe32c0cc3d492c34d293ab4ad42bdf715
SSDEEP

49152:PvpvqWOS0B7uN2UeqzSqujdRIzAIxve4DVdyDIa4nw3Vx3PPGEg7zS2LO:PhvqWOS0B7uNeqzSqujDIzAIxW4jyDIG

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

cc88c6164623a7e9d332e5cbb97409aefc4b377407dd0f0d53d9765e9210e39d
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 540KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 986KB - Virtual size: 988KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ