c6a82b881457c09e5dd587dd2f24ae73a1b53056c8d33d37fa3242f25fa2c0be | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c6a82b881457c09e5dd587dd2f24ae73a1b53056c8d33d37fa3242f25fa2c0be
Size

78KB
MD5

96ab3b60af6a86d522a42b9735669cd4
SHA1

abd20d1a28e259e4d750275544634b556f39f9a4
SHA256

c6a82b881457c09e5dd587dd2f24ae73a1b53056c8d33d37fa3242f25fa2c0be
SHA512

d841df0af99cc1e73730a7c414ee34d40dac21d9c37233422c4b6cc0ec6127e91370f7e4f52d5685ca30e2051120f91d35a7848eba640e04278d33601d74be89
SSDEEP

1536:7hcCya5y7xCRy+JhvFiYTJMotHf28EC2f2T18c63IWfs9P1AP+6F:7eC/5ylopJG6JMot/+df48c63IfP1GfF

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c6a82b881457c09e5dd587dd2f24ae73a1b53056c8d33d37fa3242f25fa2c0be
.exe windows x86

20141f4e7948788794c29cf216ca6d35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_spawnl
_stat64
_tell
exp
_tzset
_umask

kernel32

GetNextVDMCommand
GetDriveTypeA
GetStdHandle
GetSystemInfo
GetVersion
GlobalAlloc

Sections

UPX0
Size: - Virtual size: 416KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE