cf61a14ef66620394b263feb23103384ceeba84348f5375b21832bf28822a73f | Triage

Sharing

General

Target

cf61a14ef66620394b263feb23103384ceeba84348f5375b21832bf28822a73f
Size

7KB
MD5

93af4a6b2576bf8db93bc2ede46556bb
SHA1

4ac90feab466a839e5a8ace8f3fcb61fb34a6af4
SHA256

cf61a14ef66620394b263feb23103384ceeba84348f5375b21832bf28822a73f
SHA512

deb06f2b7ae260083623f1aca280bd197fb9a628689d2c918e248ccb5f71a01b00b3a0ae60c9d6f50fe36f3512452a78e9e77b689b3e8ae8682e04ef283a3fc8
SSDEEP

96:0P1o5GkUj2/Wyg5Z6KK9N4Ac2j1fGhow6azzogPrLdT3JIn2rkMeEnTSvL8E9knz:0Pmnl5d9N4Ci6azRgWkMekSz8I2SQn

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

cf61a14ef66620394b263feb23103384ceeba84348f5375b21832bf28822a73f
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE