96326642bc5a5e3d8dde45e8a08f5a0054fc68ca35907d52bce63aed76f44030 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

96326642bc5a5e3d8dde45e8a08f5a0054fc68ca35907d52bce63aed76f44030
Size

279KB
MD5

b349f128cd58ed6e7235ce2ff2acefc8
SHA1

133cd99257e295d854134aee5ddf44e8e5a6e4ba
SHA256

96326642bc5a5e3d8dde45e8a08f5a0054fc68ca35907d52bce63aed76f44030
SHA512

e9c1be05921be19b7bf8ae17fcacd0fcddfdf40b7b184559f6ebb09786ffa7e07d3b7d213c40a50485441e1c95691740bc452816a60128b36c194e3e314441fb
SSDEEP

3072:Qpao2x6AY0sUQM8YKd0EeQVpUshZMkRd/rseICF+Ey7PsqCksRp9IILZ9U65274z:Q72x6AYuQBTd0EjHZVRd/rzI/0jU61PT

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

96326642bc5a5e3d8dde45e8a08f5a0054fc68ca35907d52bce63aed76f44030
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 512KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 137KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 141KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 492KB - Virtual size: 489KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ