c6e84eee071872ad303958e9102c4e1a51e44ff75dd6fcf416ac1b3e1a3b84bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c6e84eee071872ad303958e9102c4e1a51e44ff75dd6fcf416ac1b3e1a3b84bd
Size

111KB
MD5

6480ddb17a63da175358f5fe163b9903
SHA1

47dd1bd8b3de06e8eac237afc4dcba1217ca1b72
SHA256

c6e84eee071872ad303958e9102c4e1a51e44ff75dd6fcf416ac1b3e1a3b84bd
SHA512

cd1d41183695cb393a80ccf7f94240a2f5c621aed989101bf3260172a8946efc4c8a9442935557b7d8d8516be6409b1ea5c458d96f93d8d0a83acc349adf3f40
SSDEEP

1536:7hKC92mxLxfY0tH3eyLP+ozr4HgOD+ErcN+KXAErUI83:7hKy2itfhPioz6gkANKX3

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c6e84eee071872ad303958e9102c4e1a51e44ff75dd6fcf416ac1b3e1a3b84bd
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

yC
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE