ba6eb94550150cd589fcfc57a05351c51336984907933b9f327d9056de7588b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba6eb94550150cd589fcfc57a05351c51336984907933b9f327d9056de7588b3
Size

24KB
MD5

ae002b603ba7c49ac10d4717e0622dc7
SHA1

9fbdd8c0a8d097b2d32d9b4eb6e9f561b7094443
SHA256

ba6eb94550150cd589fcfc57a05351c51336984907933b9f327d9056de7588b3
SHA512

5e853cfd9fc41f23384450e7f94498d782c3a4dd229f8b4187533385646e89bb6fb6d323224ec90b119807fa8fa93b16c7f2a052776e2df209b92a2a7d4dd459
SSDEEP

384:OcQ9WXa0YeQ28GACH8Pb2q24/RMVq3O9Scu/iSQKGfNju5KyeM3Cm8CWS5QsL6Uz:TaWquQy8PKq24JJ9/gFjuxJTZjPmU8

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

ba6eb94550150cd589fcfc57a05351c51336984907933b9f327d9056de7588b3
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ