f90899ee0482f0272752b664a3e4e8fa20aed9357025b1d3229674ba5e037dcc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f90899ee0482f0272752b664a3e4e8fa20aed9357025b1d3229674ba5e037dcc
Size

293KB
MD5

5fc316be0a4255e39ee81c0fd4d01065
SHA1

be35b89468c81e11a101deaabc09ed58d15fe308
SHA256

f90899ee0482f0272752b664a3e4e8fa20aed9357025b1d3229674ba5e037dcc
SHA512

c0ca3b3ce543b56e8ce6e40d5bc0c568fadbc92522acc8db6e4e40a5e51686505c401e291564db47a43d3d612ef7b2b13921c22333b0653b69da2e7605178314
SSDEEP

6144:Pk4qmq9TAOm4tffFYv3+QnlzXWS+3NbUhs7015E9:89f5tfNYfzmPT015

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

f90899ee0482f0272752b664a3e4e8fa20aed9357025b1d3229674ba5e037dcc
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 271KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE