c1a30896d7f1f52db1e50e4c9161a545b6b39e01db76593be2909a829fe885d3 | Triage

Sharing

General

Target

c1a30896d7f1f52db1e50e4c9161a545b6b39e01db76593be2909a829fe885d3
Size

192KB
MD5

497ff0ae0e8351644e872593fabb5f3f
SHA1

8c1a0a7a462e0f993fb6d3e728095293a1653fdc
SHA256

c1a30896d7f1f52db1e50e4c9161a545b6b39e01db76593be2909a829fe885d3
SHA512

d940daf890133e8b579cf47fad778f4fd6fa421abbcf9a32a1b6775bd00e1bfcb889f74c2eed4578db001ef052c8e674ea31eb142acc6ea01514c82c6210e6d3
SSDEEP

3072:DyTZR1rxm4AM5gmS4JqNkg/SRo9GU3da41qAWXN3RiM2GPkPfgOTX2Nz4kvMlm4z:DyTL1Vm0bJqzbLDqAINtMPfgOekjlcl

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c1a30896d7f1f52db1e50e4c9161a545b6b39e01db76593be2909a829fe885d3
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 35.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ

.ndata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 35.3MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_MEM_READ