9823628e4f88e0ed99c8402f257caef814dd074ca51d6d91ae290e3b6be3e4d5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9823628e4f88e0ed99c8402f257caef814dd074ca51d6d91ae290e3b6be3e4d5
Size

272KB
MD5

30943173592e6e76404d27e93befb9da
SHA1

8b638f0d5ad14cddbdaec9551eb583376818df9a
SHA256

9823628e4f88e0ed99c8402f257caef814dd074ca51d6d91ae290e3b6be3e4d5
SHA512

0c8d696f83260a8317b77ddd51860fdd0143892237e65b89d9d688344d22a6d63a94d964c524a131d9f1ea8ccf2cc44e53e577a9d69f0b49c066a6af2286e68f
SSDEEP

6144:jZqpeGGFJikvLycmYNcNunOiEkEAgOSiepyej:NqdG3ioLbNAunOiAdZ

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

9823628e4f88e0ed99c8402f257caef814dd074ca51d6d91ae290e3b6be3e4d5
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ