dbebb0a1cea519cc5ca4dfc21c8308f11704dd4b81fe7e479d51126709e2cd9b | Triage

Sharing

General

Target

dbebb0a1cea519cc5ca4dfc21c8308f11704dd4b81fe7e479d51126709e2cd9b
Size

38KB
MD5

cb869b19ebb8881d2608e620b0abbb54
SHA1

1666a87e4e7205ef02d0e86409764dc0d56a1ccc
SHA256

dbebb0a1cea519cc5ca4dfc21c8308f11704dd4b81fe7e479d51126709e2cd9b
SHA512

fe8e957e3757700f32d8f9d3ba15103fd9916ef886b6bf0d3bf62fbf00362c2c92fc3117e7464d7606ab9d70fa4e316c2bb726e79b519f080bfb14635c0deb8a
SSDEEP

768:kkr/1ZgdQmchhW5YhMgdxhp1fq2zYP/cifp/A1GewKgzzMZUw8G4NQt7/Yf7WZ1:9RSdl65hMg7xq2zYrlAgM8G7Af7WZ

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

dbebb0a1cea519cc5ca4dfc21c8308f11704dd4b81fe7e479d51126709e2cd9b
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

EZKJIMINI
ZtALOZozVaUPC
CxBgCnYgOBsn
GsyhVGPI
GYHWDAvGiDAX

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ