d8864baf6bb32a393a1b0249ce97db9a9c3ef5ef00d980b7f2521d6235cd15bf | Triage

Sharing

General

Target

d8864baf6bb32a393a1b0249ce97db9a9c3ef5ef00d980b7f2521d6235cd15bf
Size

364KB
MD5

228b4652d12923a1a6e1f461dc38efd0
SHA1

1da1cfe047f14fa1fb9fd85ba8ff1f107134fa5a
SHA256

d8864baf6bb32a393a1b0249ce97db9a9c3ef5ef00d980b7f2521d6235cd15bf
SHA512

90a7898df81bc083aeab0bb7cd084302b320f7a9f34ea3237173eac4b510220ecca7eda64ac1668ce0215a99d0be8ed49fc6701ba46b04d0af4e8f7610b32ea7
SSDEEP

6144:9MLCVO8DoBuIZJ5iD0jsY7tBU84rK4QtvmeHKb6bee:nM5BuI75iQjswz4r1yq0

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

d8864baf6bb32a393a1b0249ce97db9a9c3ef5ef00d980b7f2521d6235cd15bf
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 348KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 193KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RUPX1
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE