dc31841e767ef50a6fe2454ef45c552789f7f640b5220f0a953a18ec8a75c00d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc31841e767ef50a6fe2454ef45c552789f7f640b5220f0a953a18ec8a75c00d
Size

354KB
MD5

06a461fcd1fead5afc07c341319c9743
SHA1

dab20c4d34df846c740986eb5559995cee8b2ae9
SHA256

dc31841e767ef50a6fe2454ef45c552789f7f640b5220f0a953a18ec8a75c00d
SHA512

7b4decc0f9a5ecae9a462b548c6db87032b26fa2cd9ec72d644ac952a183a55f9873afac1e207698217b7c0a6d372a6d4a9a5e1a8c10e0c24bac7b2cceb59f43
SSDEEP

6144:C9mYB3lzhXWXu2g+Gyw/bZl3O1/9vkoO6o5B93cjsQ/GlipxPWE/gZmXfn2y:CBVhXWMYe3q1tWncjsQ/GmZP/RZ

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

dc31841e767ef50a6fe2454ef45c552789f7f640b5220f0a953a18ec8a75c00d
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 488KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 351KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 812KB - Virtual size: 811KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ