c56f84af49b58679daf08b49829d754f9dac8bf1c5708bab253357ea459c6978 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c56f84af49b58679daf08b49829d754f9dac8bf1c5708bab253357ea459c6978
Size

636KB
MD5

e2385b4ecd0deade77f8e254ef0f637c
SHA1

0472539ccfd41500264193bb43f0e3ed42984c02
SHA256

c56f84af49b58679daf08b49829d754f9dac8bf1c5708bab253357ea459c6978
SHA512

517a6f12b90f945f2dfa005970362cf5c1f691741bed1acc4e81714c3f837b2ce7fabd3025efc390589d403dc36bca282fa15081aa25800c57abe0f2ca98921d
SSDEEP

12288:9kLgZ9yqTu/0jMxsW+vHxjyPSnH6+HJacJOaGOZd/UgEJtPLCCa5m9mEsrUZxL:9kgjyqC/0TRjyanH6+HJacJsTuD5mEEB

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c56f84af49b58679daf08b49829d754f9dac8bf1c5708bab253357ea459c6978
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 528KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 275KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jatxxx
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xtxjdo
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xxjfcf
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

djucvv
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vefwvo
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE