f12d1460835950c4c3a19cbe2b5847addffba667327c21f0bde42bb852ba8f49 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f12d1460835950c4c3a19cbe2b5847addffba667327c21f0bde42bb852ba8f49
Size

36KB
MD5

f213d6e6a399213de83838eb9279f742
SHA1

730ba38ccdf3a5359d008674b45cdcd243d23958
SHA256

f12d1460835950c4c3a19cbe2b5847addffba667327c21f0bde42bb852ba8f49
SHA512

668d99ffc83de0cc8de7df3bf1ca792b096104172c419111ec0ab17472a15c173f73aca35c7b9712c53124ea22c20793d58307277db50b4ad3c19c8250d3d6a4
SSDEEP

384:qiDcV/7LmHQvsn/NVBy0o3ZyiMybF8LnM:jDs+wvW/NVBy0oJyiMybA

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

f12d1460835950c4c3a19cbe2b5847addffba667327c21f0bde42bb852ba8f49
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE