c6d281c2a0ebd49c0d7bc10551962e76afc527102d780cb00995cfe36c595081 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c6d281c2a0ebd49c0d7bc10551962e76afc527102d780cb00995cfe36c595081
Size

6KB
MD5

7214805c2df96c1c731cca8fac72b2f5
SHA1

acca4acfa8b702ced7e07ddb7433bd4da56a479a
SHA256

c6d281c2a0ebd49c0d7bc10551962e76afc527102d780cb00995cfe36c595081
SHA512

75be199d955d3ce5c1c8b8ab86aba0d4a671ed5be8189d1ab397a7cd7348a031d38fd593039dfe243b0fba8971509e5f18853104d323dc25b272170215ed6b7c
SSDEEP

96:U2O1M9vxcCydOCr59xXCAAanLLQ/RNVzYimAJO55hc/:7OO9yxdOCr5TXCMnA1zYuJ0hg

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c6d281c2a0ebd49c0d7bc10551962e76afc527102d780cb00995cfe36c595081
.exe windows x86

ae2090a20d1caca285cab0a8b44411e4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RevertToSelf

comctl32

ImageList_Add

gdi32

InvertRgn

user32

ClipCursor

msvcrt

printf

Sections

UPX0
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE