cb73387d06544ef285ed37fc0b8f75d6fb2791912a0e358538e403a4ffee5427 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb73387d06544ef285ed37fc0b8f75d6fb2791912a0e358538e403a4ffee5427
Size

187KB
MD5

116b40073ff1d9702c892441a8572970
SHA1

fb81eba9ab9277939ccb46f9d5cac1e57146a8cd
SHA256

cb73387d06544ef285ed37fc0b8f75d6fb2791912a0e358538e403a4ffee5427
SHA512

27546d1cf02c3731ce3c5dff6e50cc72172607b982c66bfcb676c7a54b40c0b5211003687326ee69d58782c9eb15a1da1bdf4f86bf79a2b31b7b2cbda9d9c200
SSDEEP

3072:ygtV9nhZb+G8iT9H+1GoNm+sInQ+lg5Lr68nLWSbQSDODfS7FEZ42Rvho5b:ygHhb58iT9H+RNmDIQZ5Lr6YLW5SD+SV

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

cb73387d06544ef285ed37fc0b8f75d6fb2791912a0e358538e403a4ffee5427
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 152KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RUPX1
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE