27ab0d2b66ed458f9a08f3f7d383f86885e2869970f5c5e955d44d255f719d14 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27ab0d2b66ed458f9a08f3f7d383f86885e2869970f5c5e955d44d255f719d14
Size

2.2MB
MD5

dde3fd7a3507dd2147ea9b2a47239974
SHA1

855ab14c02ece139839cc838adb55767fee4f162
SHA256

27ab0d2b66ed458f9a08f3f7d383f86885e2869970f5c5e955d44d255f719d14
SHA512

b76d9d849b8c0276f0cf62e31577304de1d391be2508cda14971489669eafa1abfb7d9654486832a71baae8687e82da6039c48fc3d4ab9d53fa23d54bed8ea4e
SSDEEP

49152:ZMtrsK0cVIBujmxchuS8l4S9YlKPE8b/4S8Keqr8cczwKNY7wGq:wwKfCuyShuVl4Fj8bzZrQzwCo9q

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

27ab0d2b66ed458f9a08f3f7d383f86885e2869970f5c5e955d44d255f719d14
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ