e2f7b9ec49c6cd9cd2c2b45bd13acc3700b13b7a783315f855b4444f0e59fbcc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e2f7b9ec49c6cd9cd2c2b45bd13acc3700b13b7a783315f855b4444f0e59fbcc
Size

55KB
MD5

09fa578c51a9df8187b6d5c71b54e320
SHA1

69256d93150b2d30dbde0e92b0e9017041cf4bbc
SHA256

e2f7b9ec49c6cd9cd2c2b45bd13acc3700b13b7a783315f855b4444f0e59fbcc
SHA512

b417a2ec4ca13a6ff5a31c85f3709bd259cb6e44b4c51c5f3d550f6b197c8628c558064eaed38f1df2cd14a42ed38fae18aeccb905d424721264f455f71757ba
SSDEEP

768:XjtCpMIpNTmP0dRHlhD3w42Yb+VdHbaQ/hjGWOMUK+tGDoIwn/eQkfvx0GpqHLcF:XjUB3D3PlOdHbauj2/UpAc/rhFh

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

e2f7b9ec49c6cd9cd2c2b45bd13acc3700b13b7a783315f855b4444f0e59fbcc
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ