b6f6854e7fa47ecaca016fca641b769bd2bc60a57f840247c156c501d04d96ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6f6854e7fa47ecaca016fca641b769bd2bc60a57f840247c156c501d04d96ee
Size

85KB
MD5

02b227d6b0d5f0093d507f58fa1fde8f
SHA1

b30a9061bea030074edfb55a8d2b18e702dc9940
SHA256

b6f6854e7fa47ecaca016fca641b769bd2bc60a57f840247c156c501d04d96ee
SHA512

44537a4c14c02bf711a06cd721728818ac2e8b0d8b1e570d0fd85678c6ab5a874c6d8b7201dfd986a392f7109554f3448807d20e28d428409bfee3c97a247347
SSDEEP

1536:HYrg0racWeGObUKbX/lxAGnfUJ2UHuWdjqkuwWDvDIDF54wZB7giZhReDunt8:4sKau3/bnfUYemku9DaFWwb7jBeDunK

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

b6f6854e7fa47ecaca016fca641b769bd2bc60a57f840247c156c501d04d96ee
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ