abe64aafd04c74572716b85f7c29394af6d5b993a7b80bd366b6e4e6d02a1e5c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abe64aafd04c74572716b85f7c29394af6d5b993a7b80bd366b6e4e6d02a1e5c
Size

1.4MB
MD5

d4c5cfac622a78f90d0056f3fea698aa
SHA1

1b58e380fc5e0495a02e21a243c793f7704ba3f9
SHA256

abe64aafd04c74572716b85f7c29394af6d5b993a7b80bd366b6e4e6d02a1e5c
SHA512

164fc117a2720429eab3f8d90ed67da58ab50ac734d6838a53a3a768a31e2208b084c371616454a3501dad78d0db82e97287802dba9020201c92565e8955927c
SSDEEP

24576:ru50KERoaiWLzcK529mcNPl6YGo1k6mql45NLmXfjUoMLeecQpxogKcxfgIVwvag:CaKYxA9mqPIVoT85wXLURoQpx7jlgww9

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

abe64aafd04c74572716b85f7c29394af6d5b993a7b80bd366b6e4e6d02a1e5c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zsdrytfr
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE