b44e3b3a63ea592e0de4225f1060e0af927a7a7b14173c12fe18e8e521d083b7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b44e3b3a63ea592e0de4225f1060e0af927a7a7b14173c12fe18e8e521d083b7
Size

29KB
MD5

2413280e690b98fd80788b787fdd5d26
SHA1

e5bdf52dbfe5e33cf63920c21fbeb5fb5a2a3e01
SHA256

b44e3b3a63ea592e0de4225f1060e0af927a7a7b14173c12fe18e8e521d083b7
SHA512

666bbede3ef1d639fd07f87a1ad2940a680dc8b6cc1da28fd72b05b5086fb9f6bfe314d72628067b9c83a72b16b2a0f2780d4da249b337166e2b3289b252d51b
SSDEEP

384:Rmc8UXj5bsoIcpPZQqEMHH/w81BUftRso0YedmZwtsJ6H1vtJP3yUleW4oS43d+:03UTpsFc5ZzEfAff7cZwtZH1lh5eWpl

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

b44e3b3a63ea592e0de4225f1060e0af927a7a7b14173c12fe18e8e521d083b7
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE