c4916e4e8c3618bf1ca62a5f00bd2f1ad6ac65b0fb3166ff683c447b527a0bae | Triage

Sharing

General

Target

c4916e4e8c3618bf1ca62a5f00bd2f1ad6ac65b0fb3166ff683c447b527a0bae
Size

388KB
MD5

f889a57591697bde1036a231a29c3207
SHA1

3ba251d27b16bde14c3776d879db5b50166bb72e
SHA256

c4916e4e8c3618bf1ca62a5f00bd2f1ad6ac65b0fb3166ff683c447b527a0bae
SHA512

460f6a087fca6a4d5c594a357ca53502748aad7b73e2d50cbf804ff72cadaa3772c467b5547f8f6c3093265f6082eb09063ce3606f5c26bce4900d5efedf7b09
SSDEEP

6144:CYZTNk3D6LyUXwLLk+cR3qh0GQ43VJRD0ew+/hOvK2o4nFOrz0Ypzu/S8+k7B7:CSNC80I+cR3R03VseXOvc4krwSzW+kt7

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c4916e4e8c3618bf1ca62a5f00bd2f1ad6ac65b0fb3166ff683c447b527a0bae
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 380KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 224KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.IUPX1
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE