d794e2024ea40da1d8b78150473a4be3270f4fddc3a4efcbeb8e23f8d0de9b12 | Triage

Sharing

General

Target

d794e2024ea40da1d8b78150473a4be3270f4fddc3a4efcbeb8e23f8d0de9b12
Size

547KB
MD5

f405330c2a6773fd6423027031ce5870
SHA1

e05c3f75a56a2fbc3a70f34d9c4bdf9ae72aa8af
SHA256

d794e2024ea40da1d8b78150473a4be3270f4fddc3a4efcbeb8e23f8d0de9b12
SHA512

51b61ec416a6a0e23aeb7199f26857e885f0d99dd64c497d28c3b5bf26222881cf836b5e65d4cde5caa2b361876555d80ad89a0c793e5800c79bf9212c1a6174
SSDEEP

12288:90I+4IZ0LF8SsJz/v/nejEE2JftrbSEGSWTceql3dG3tR:JXISLF8SsJ6wE2JftrZGVceqlu

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

d794e2024ea40da1d8b78150473a4be3270f4fddc3a4efcbeb8e23f8d0de9b12
.exe windows x86

647b2d25b4821905b4195ff7a6455b54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress

Sections

UPX0
Size: 512B - Virtual size: 876KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 536KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE