8dd13e891c9444b6a4f5ab6ca33ec4e094ee8c4ce5239d1449501b4cbdf5ec91 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8dd13e891c9444b6a4f5ab6ca33ec4e094ee8c4ce5239d1449501b4cbdf5ec91
Size

42KB
MD5

d58d333c11c5abf734b52be4e22d7f8c
SHA1

5ba451b0a93d8887d60d1f79a9e75f895eaa2591
SHA256

8dd13e891c9444b6a4f5ab6ca33ec4e094ee8c4ce5239d1449501b4cbdf5ec91
SHA512

db665ec3d74f3745674320a3fb999bb97095a18773eb8c9b32b6878efe000fb505a484c647906e84df1409642edde9bf944675598328955711873b7bd6506376
SSDEEP

768:uudZ1ZPcixOK88id1vhQTauO3qe2QIQGlUtqn+KZLLAr7L4cL79zK:Jd1X81d1vhEmqe2Q+UQ+KhEr7L4cLxK

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

8dd13e891c9444b6a4f5ab6ca33ec4e094ee8c4ce5239d1449501b4cbdf5ec91
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 970B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 943B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ