9117aeeb03ec7c3c491e1c991ec2fd6d009b751532a71c1b5846c2cb3024c023 | Triage

Sharing

General

Target

9117aeeb03ec7c3c491e1c991ec2fd6d009b751532a71c1b5846c2cb3024c023
Size

710KB
MD5

d2928d7db45a8895e7404c3b49fa6ac5
SHA1

d7df95b2ac36f876bdecc3c7892b78e26a959ff5
SHA256

9117aeeb03ec7c3c491e1c991ec2fd6d009b751532a71c1b5846c2cb3024c023
SHA512

a1e13d8af6b28d50a603bbc9c22737f410412b5733181e6d3a07449b26da108130c88d1257bb7587b5e979250c312956c43d7b5643e4af8da8401ac6d8b58979
SSDEEP

12288:JEhcgYSBegjUnKywvQN6E8W0ILdf5PXsh/rap7gFbujDj3WUOs4qjQXGB64863uM:JsjUA5KVdfyh/+1gduaUOs49XGB64Vo4

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

9117aeeb03ec7c3c491e1c991ec2fd6d009b751532a71c1b5846c2cb3024c023
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 704KB - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ