aa560238cebefc3a2cd0139bed179aea32f54532ee43f3fbfb339fb3515ecb6c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa560238cebefc3a2cd0139bed179aea32f54532ee43f3fbfb339fb3515ecb6c
Size

38KB
MD5

0093deda1dbac600ccfd56fc13c20118
SHA1

af6e325925bb6e0e4c09c863d6714131d830288f
SHA256

aa560238cebefc3a2cd0139bed179aea32f54532ee43f3fbfb339fb3515ecb6c
SHA512

125dbef1c7f581259a62c2a8a72abd7da19d713038f0438851f99de0bfe78f142d18987188c59917f25ad8e0ce6983e5e206cadaf9a25f0d4f374cede2c32ba4
SSDEEP

768:o3hFo61oVrc6NnI5Pmw/HprzN+ACSFu2ScSABxNY:o3wAoDNnI5+AHprzN+2u2S+pY

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

aa560238cebefc3a2cd0139bed179aea32f54532ee43f3fbfb339fb3515ecb6c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ