97a882c7d92b4ed50599e0a64a420ce4a5af5c991e9ee45e86036d469d68d067 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97a882c7d92b4ed50599e0a64a420ce4a5af5c991e9ee45e86036d469d68d067
Size

344KB
MD5

93948b3f10caa0274d34f7011259e35b
SHA1

21e82aa7637981fc6f2c6014602f0bccc91437d2
SHA256

97a882c7d92b4ed50599e0a64a420ce4a5af5c991e9ee45e86036d469d68d067
SHA512

92d97fc69267d2e2fb2d09c082b1f47aef9c840b73651bf504499c430f25e45d3020d791d0bc02bf13f4f2292ed41ed4958235543214e48858cba7413f5bb958
SSDEEP

6144:7iJ4/3SFqGxI0k/Ca9Dls/+52riUu0u0k9x8+QZvn+yZHa+cjj:A46DIN9yaD+k98HrY

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

97a882c7d92b4ed50599e0a64a420ce4a5af5c991e9ee45e86036d469d68d067
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 504KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 215KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 368KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ