8a8f93772136ab230ac5a844ce3a8f01df7afd774f90b94fa07505432170c392 | Triage

Sharing

General

Target

8a8f93772136ab230ac5a844ce3a8f01df7afd774f90b94fa07505432170c392
Size

39KB
MD5

8deb5131eff8c5a34f2ed9bc3db4c8ac
SHA1

bb418a0e15bab2ea698ccf828ac7b818d3f9d61e
SHA256

8a8f93772136ab230ac5a844ce3a8f01df7afd774f90b94fa07505432170c392
SHA512

e47faed0bbc6a5a1b2f2cc80b4f979777a88f9e85f547042962f2c18fbb3729c163c4caf49aa235459cba12fe986e7a0d09449d41bcf945ad43d7e198e20c6a0
SSDEEP

768:jtJ99OngKFllde3AW9bKZX83gkbqfELAMwX5eA5z:hJungKrobbueyXV

Score

10^/10

upx

Malware Config

Signatures

Nirsoft 1 IoCs

resource	yara_rule
static1/unpack001/out.upx	Nirsoft

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

8a8f93772136ab230ac5a844ce3a8f01df7afd774f90b94fa07505432170c392
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ