b6ab65b34ce2adcced527f21de4b0d612b137462fb2c5cb3e5e808d7f2e1cfcd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6ab65b34ce2adcced527f21de4b0d612b137462fb2c5cb3e5e808d7f2e1cfcd
Size

68KB
MD5

9051a257a92d19197ba4e77588774360
SHA1

b1ac0970197982c688dc09a7c0231766d26d38cf
SHA256

b6ab65b34ce2adcced527f21de4b0d612b137462fb2c5cb3e5e808d7f2e1cfcd
SHA512

4f85b1dc69875c181bad83acd060517f28380c41eb6915494a632c8d2ae10058a04b9134250be3a6bdb7e12ee513b61b5538b5c905907cbb85199bc706a7ab2a
SSDEEP

1536:u77twtqQyYzm9epEbEPFgrp+iNIHVnZrbYxAbqvu:WStq+m9lbIgt7NQj/+Jvu

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

b6ab65b34ce2adcced527f21de4b0d612b137462fb2c5cb3e5e808d7f2e1cfcd
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 256KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 300KB - Virtual size: 298KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ