c440edc264e52d2400034fa8f43995f2a50ef546a51d34cbe686f5dbca473376 | Triage

Sharing

General

Target

c440edc264e52d2400034fa8f43995f2a50ef546a51d34cbe686f5dbca473376
Size

27KB
MD5

2773c236cccb0fe7887b6474bbb383c4
SHA1

68b7e8e3418e251e981d3c8c8e8904ed14d938ed
SHA256

c440edc264e52d2400034fa8f43995f2a50ef546a51d34cbe686f5dbca473376
SHA512

a678550f5ee9f2e1443454773a42ca522951591c0616370e50038585a0cab86c1c54b5b165f841c844d586043fc992b022b67183b37a8eca715007e9a4a2c959
SSDEEP

768:ZneCvt+Xp7DAXLn43oewpUo3HwKZhE08uDLeRL:ZeCvU7Dk744kKwKZh3/Du

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c440edc264e52d2400034fa8f43995f2a50ef546a51d34cbe686f5dbca473376
.exe windows x86

67fdc237b514ec9fab9c4500917eb60f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc

Sections

UPX0
Size: - Virtual size: 192KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1st
Size: 512B - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE