f1cfb0e69444e6434feeabadfa3a3fd8d0fc86ef6df075c05e65f3303ec37aa3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1cfb0e69444e6434feeabadfa3a3fd8d0fc86ef6df075c05e65f3303ec37aa3
Size

522KB
MD5

a88804df7c6251593f434a92c003b45a
SHA1

04ff9bc8ba3f1cf385264b29e95879509a5265cf
SHA256

f1cfb0e69444e6434feeabadfa3a3fd8d0fc86ef6df075c05e65f3303ec37aa3
SHA512

b8f7c858bf96e90961215552f5f75d45494408831d3e461f7eb4ac592621bdd9e7b502c4c821f5e88d1d9d595978f433973626a6c3a3827a271d220b8bc0cf74
SSDEEP

6144:nD5Xo4M9wSC3GorZw7MZ6hXuvCc2ZqRNE84Peo6Sfem8rxyvW0b2+wJ0oFjSdMll:+4Mywg8OC9Zq7w6SfemoxJAa2oUmJB

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

f1cfb0e69444e6434feeabadfa3a3fd8d0fc86ef6df075c05e65f3303ec37aa3
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

�PX0
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.A.Vi.RA
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.F.U.C.K
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE