b2ef29f307322e55cda496875dcf530c73771c20e11ce47346cb5384f6fdba02 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b2ef29f307322e55cda496875dcf530c73771c20e11ce47346cb5384f6fdba02
Size

32KB
MD5

e932785019e4e9791a1963d8fabebb6c
SHA1

400c238b681845b785317a5a30de7151bdc9bae2
SHA256

b2ef29f307322e55cda496875dcf530c73771c20e11ce47346cb5384f6fdba02
SHA512

a7321d8292395db8f7143a08b5d8edcab6518d007d67b834b70590311f905bc6ba6e870acf03111b4706f71b9a2d6c46297279e676aa968f5fd308af3f1f4772
SSDEEP

768:B5ErwKlmUSCXHzn0GwCWqgNGepn3ObJTkq1CrUbC9p7:vWwKlmuXr0G1FU6Rkq1CoG77

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

b2ef29f307322e55cda496875dcf530c73771c20e11ce47346cb5384f6fdba02
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE