ea74aaa6c71de7dfbedce2674c8a46f3323692e8550fad1e5730cbdc846a8e85 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea74aaa6c71de7dfbedce2674c8a46f3323692e8550fad1e5730cbdc846a8e85
Size

434KB
MD5

d523d60349c9a198c758e0ef385132c4
SHA1

0cf174ae4de5bd65f96f71be5f315e06663bd009
SHA256

ea74aaa6c71de7dfbedce2674c8a46f3323692e8550fad1e5730cbdc846a8e85
SHA512

ad2d7073d7aae9ca95a5bffbf41688ccc110c9f9f3c9309a2d0b6a236d47289ff9b2727a08d88610fe003b8772a8829a36868d9330b5b1ce7042bf7585a82c16
SSDEEP

6144:1PuejL0cW+BlQmzKI5728HfSsqCxi++QS/sKBQm65ONLJQSSk9i9P:oeXWNe5lH6sq+j+Qas3m0OpJx0P

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

ea74aaa6c71de7dfbedce2674c8a46f3323692e8550fad1e5730cbdc846a8e85
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 299KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE