e16aca25118a4af9393a4dceb0d5eb4393d5ee976f68ad223f6538ae3703188a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e16aca25118a4af9393a4dceb0d5eb4393d5ee976f68ad223f6538ae3703188a
Size

18KB
MD5

5167239e4e21b5ecd697e2eca069b62b
SHA1

de9488ab2694fb7601f49051cc323161766f5bad
SHA256

e16aca25118a4af9393a4dceb0d5eb4393d5ee976f68ad223f6538ae3703188a
SHA512

b86f061665dd7b3c8d17e1aacbc6eae6df5be61496f0b85d887e7e8a641a41139616d1c2da7bc59f35db6fcb8d6274f9cdf20598a4363d55de4c0a9f8d0456ae
SSDEEP

384:d0W6XsVX1JAzrWP9OHW1P3FNgJgWLWkPItndHpx85Q:d0/XG7AzrWl4kPbgJgW6kIt9px85

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

e16aca25118a4af9393a4dceb0d5eb4393d5ee976f68ad223f6538ae3703188a
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

time

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE