17130196ad349b1ca48dd4b3bdd15d7f52d23d9958300366f12f09c2ffdd320d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17130196ad349b1ca48dd4b3bdd15d7f52d23d9958300366f12f09c2ffdd320d
Size

276KB
MD5

060c5903d89918c1a604adfeebc4cc20
SHA1

b046f2cd46907dbead7b0dc6b7385fef4eeca8c5
SHA256

17130196ad349b1ca48dd4b3bdd15d7f52d23d9958300366f12f09c2ffdd320d
SHA512

c566dafc7fa5d0dd2f22b5b51354f67c62d80b3ffb5cac48244c7ee76d244b02e146525b794c2c280a51298db024f0c1cbbf9904574d9e3d1b908adba6e9212f
SSDEEP

6144:qTnjnvrDiMNb1LSlZCgb5OQx0MciQGKAabe9RMJGtkeYE25imY4SivNW:qHn3dtYb5O0ci1+kRMbdEeihyg

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

17130196ad349b1ca48dd4b3bdd15d7f52d23d9958300366f12f09c2ffdd320d
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 300KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 187KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EUPX1
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE