f53b802d9c4c422f1eabe77043dabf9055586e50d615e435ab1168da4b7415fb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f53b802d9c4c422f1eabe77043dabf9055586e50d615e435ab1168da4b7415fb
Size

306KB
MD5

eaf917ad188e365b6ed258b6391658c8
SHA1

3af92b2807d87e733c48a09db8918e0fd410feac
SHA256

f53b802d9c4c422f1eabe77043dabf9055586e50d615e435ab1168da4b7415fb
SHA512

ab94b8757d6ee2ed916ae6b5898211a0d5e9e2e3a22be0239c1ed769b4ddaccd0d9893471d99f669116e2d33ebb393ec475e46a5c3b90e1b7a8c06ed231e1af2
SSDEEP

3072:ba6rrza/J7rHXtXAkEDiODc5aX7qDqrgrHAUDlvmD9:bZc5C2DqrgrHAUDR4

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

f53b802d9c4c422f1eabe77043dabf9055586e50d615e435ab1168da4b7415fb
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE