d987d1dbceb790032987615b7727bcbe2437196b9aa8f40e201e294ec86cdc42 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d987d1dbceb790032987615b7727bcbe2437196b9aa8f40e201e294ec86cdc42
Size

749KB
MD5

f55d8a6834c5bbc945126c67aacb08c9
SHA1

78a3820775f17ce7ce11fe3c213f05abdd7dd950
SHA256

d987d1dbceb790032987615b7727bcbe2437196b9aa8f40e201e294ec86cdc42
SHA512

d94ec98559822cd19e57a19961252ef726b7809a8e728a9af0e3e03abb26ca3fdbba672b12e22ed6115ad76f6146c7bd412b13d1970e6ed4fe83f05ec5282f59
SSDEEP

12288:U7AkIFhv9PVZGufpFfUnVuP+MTNLzfgdtaZjNi38W0U8nl4Q53WhI2dR85WJAqBr:Bhv3ULuWINo6pNw8W0X3d2dR850Aqgrv

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

d987d1dbceb790032987615b7727bcbe2437196b9aa8f40e201e294ec86cdc42
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 836KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 747KB - Virtual size: 748KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ