b521cf4a0a65041e9125b5c5097fad8fab3cb3f4069f606d0057f4c36fab211c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b521cf4a0a65041e9125b5c5097fad8fab3cb3f4069f606d0057f4c36fab211c
Size

97KB
MD5

0a48c7d2a5aac0a0599d40156f3653ca
SHA1

2d58c8412696787f3d6bd65943ee4957b7b464d6
SHA256

b521cf4a0a65041e9125b5c5097fad8fab3cb3f4069f606d0057f4c36fab211c
SHA512

6347d6fa3e14f3343c489859f799d052c1704042e1f5ace611c82ba9ae4cb65a216e3ad86c3ffe00f71052425114d069668ac5e781fa6eb20ad6ca9d4668640a
SSDEEP

3072:VLsrNXK8oaDD3J0zKuNV3P1ZKYy73C9DLusY2EwQsyWH:VgrrV50VV9FXhuVelf

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

b521cf4a0a65041e9125b5c5097fad8fab3cb3f4069f606d0057f4c36fab211c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 380KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 352KB - Virtual size: 351KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ