bbf79b8b90d0e3a41062af3775ccfcee8d9823777169b2a2b5d4d54e57939a56 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbf79b8b90d0e3a41062af3775ccfcee8d9823777169b2a2b5d4d54e57939a56
Size

54KB
MD5

57587111f68bfe0f88a4f2d069a0d957
SHA1

4b89020d0cf61287f12e7a40109ce335b2907410
SHA256

bbf79b8b90d0e3a41062af3775ccfcee8d9823777169b2a2b5d4d54e57939a56
SHA512

7c1b4ab8bd1c330387f1a4896dea8eff467c0a040570ef4ef7c61da69f6d552f3c26322b1b5fc0c5284a07c2e05e711f0135390202ca5e006a6172aec22f0ec8
SSDEEP

1536:C0YqQIYKJqf0vRJtgHzTgCj+kDeFpuN307:C0Tx205UzMChDeLuN3q

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

bbf79b8b90d0e3a41062af3775ccfcee8d9823777169b2a2b5d4d54e57939a56
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE