a98f0726a5d8df7136c879c0c36330cefb19e8af3a82474a4e847de39b030fdb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a98f0726a5d8df7136c879c0c36330cefb19e8af3a82474a4e847de39b030fdb
Size

225KB
MD5

221b9f6ba2543c9e88146f6812b84800
SHA1

fe01287d4afec47fb9b044051997756e3fb9141e
SHA256

a98f0726a5d8df7136c879c0c36330cefb19e8af3a82474a4e847de39b030fdb
SHA512

17ba147d003e03fbe57551911a9de3df532456e69472e82a36e9ac6b46eb8753c05ea66ea22f538dd2f9c477156a2964d81a0320fd01032a8d30c220e46e0789
SSDEEP

6144:Bd4qY9rlSbz90H7q0aKngF7vqkRkK7s3IAfVmHRSL3Au:GSbZ0HxngFHRhw3nfVmHRSL3Au

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

a98f0726a5d8df7136c879c0c36330cefb19e8af3a82474a4e847de39b030fdb
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 352KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 203KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nkh
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE