c0fb5cb88fd97448157f4c8505a366646f03a8173626b94702fa9aa6b66a746b | Triage

Sharing

General

Target

c0fb5cb88fd97448157f4c8505a366646f03a8173626b94702fa9aa6b66a746b
Size

583KB
MD5

af3b6afac1b6b96019ee02d4a8fbd271
SHA1

232132dfda4e6781743158c9e8380d0ad363c926
SHA256

c0fb5cb88fd97448157f4c8505a366646f03a8173626b94702fa9aa6b66a746b
SHA512

1082c36d44360a4256050eca5851f3cadf59ce4e77262e2048319bbdea261123de9bf249ebfcae0fa4e615123c265ee1b65fe2ed62e4e65c3de2993e67c77c71
SSDEEP

6144:eajY1oC+/U8Vjlx4kk9HKda4L383j8hpdoSQbQFsrF1W/h84IrV7mMpH8zQW4jQa:uOlx4kk9HKda4Y38oSiQi4kVdcQzjX

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c0fb5cb88fd97448157f4c8505a366646f03a8173626b94702fa9aa6b66a746b
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 253KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 92KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 226KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE