db42003bbd0e4b813c4051827b84a339cc2e70093a51dfd2ea6b3a0f9a2ce4af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db42003bbd0e4b813c4051827b84a339cc2e70093a51dfd2ea6b3a0f9a2ce4af
Size

146KB
MD5

d5f945666d8a5fe4634495d175838f1f
SHA1

87c851b0599039c3b023593e01bcadca7a3938f1
SHA256

db42003bbd0e4b813c4051827b84a339cc2e70093a51dfd2ea6b3a0f9a2ce4af
SHA512

bf879148ed10e2e8799dd2c6b2da7b1221b369cb98f978da0cf3b5e888de0590902b6a43ffae9561ddf7b15a719270218475adf6001d1f2aa4e75aa400053e8f
SSDEEP

3072:Y3lnm2nm/m/ncSmS9paT2fDnEAzpSousZrzrFSwd9hoU3M3RsAlmSV:Y3fnqYnjjHa8NSLISiSBhN

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

db42003bbd0e4b813c4051827b84a339cc2e70093a51dfd2ea6b3a0f9a2ce4af
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 732KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 142KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 860KB - Virtual size: 856KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ