ed664eb9018391ae3cf5d41ed84acd4542bd242efa674dc4d9da9f7de052e507 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ed664eb9018391ae3cf5d41ed84acd4542bd242efa674dc4d9da9f7de052e507
Size

72KB
MD5

179e3e28bc9c632888b309500c4706eb
SHA1

d043ba76723db167c877c9c0ab7841d1e16a874f
SHA256

ed664eb9018391ae3cf5d41ed84acd4542bd242efa674dc4d9da9f7de052e507
SHA512

e3ac61df47fb25ae637c99b498c0b490308cf7a1c44c52afa6e6fb2b40eec1add032d6d1fecb2c65b80bd10f0e9c13f0dfcd814582f8c95702e64f8e22c11d15
SSDEEP

768:aeLrIybda/cZFW0xZ1eJIBgDWVRp36Iu2to5pDvC9g4ZbFVbda2e5gzlu:aewybdBRxPeWBg6Vr4DvC9D1gruu

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

ed664eb9018391ae3cf5d41ed84acd4542bd242efa674dc4d9da9f7de052e507
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shoooo
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE