879cac6761feba0834115c9cca186b60b6a08d19ef892b18d125b7fa36e812db | Triage

Sharing

Copy URL Twitter E-mail

General

Target

879cac6761feba0834115c9cca186b60b6a08d19ef892b18d125b7fa36e812db
Size

502KB
MD5

9b244a251ffe78aeac655d0412e5945c
SHA1

d6a7984cf64927616cc4d72817246dd8324f8c39
SHA256

879cac6761feba0834115c9cca186b60b6a08d19ef892b18d125b7fa36e812db
SHA512

54802414bb7e4cf68b94f6c16e2e14ee15e9831ab0a7df0349bf27cb24d34feb2b94c76fb19765c320c3ea7e1cec7573f2abc45fd5d815054135c0d3021c3e5c
SSDEEP

12288:Nj7HpRWbzl2u8MmT2EtIUxBfYdldUt3SI3W7Gu1tlabRXjuw:d7HbU25TWUxBfYdvs3Sr75tQbRXj

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

879cac6761feba0834115c9cca186b60b6a08d19ef892b18d125b7fa36e812db
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 560KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 498KB - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1000KB - Virtual size: 1000KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ