bd9b04083ae245e0ff13f3b8a56bd74f7c066e5ff77188ebd09547c106f94b7c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd9b04083ae245e0ff13f3b8a56bd74f7c066e5ff77188ebd09547c106f94b7c
Size

29KB
MD5

4c2dda249c1c55211cf6938156c3268e
SHA1

468b35598fee2760e597a3f0d7c36f52dfd9b596
SHA256

bd9b04083ae245e0ff13f3b8a56bd74f7c066e5ff77188ebd09547c106f94b7c
SHA512

78fa4e627368f4fa212c4f2f9a22c3734d9c91de6467d35664620c835a09575ddc03a83a5778b2f98c15645f26390c04ad5675ce8f90e3360a8bde02e3514ef7
SSDEEP

768:fb1KgScvMZ0zg9iy6e4gmTz/e4A7tk+OxEw6:f4bcI4ywgmTz/e4MDOGw6

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

bd9b04083ae245e0ff13f3b8a56bd74f7c066e5ff77188ebd09547c106f94b7c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE