b1d96a3a160aedf1959016a2ad82864776097109fa4190e05ca65a92ef928087 | Triage

Sharing

General

Target

b1d96a3a160aedf1959016a2ad82864776097109fa4190e05ca65a92ef928087
Size

188KB
MD5

3da323ab7c7914c31e5c296ed2c8002d
SHA1

b4ddf615600c4488462e49b038b3babc5971f769
SHA256

b1d96a3a160aedf1959016a2ad82864776097109fa4190e05ca65a92ef928087
SHA512

f9b3ab774d5490003b5419c6d5f8c3c8c08767a0bd122ab35568105f55f2232fa34f390340f7a5f599d423e6264c9853ba92155bdb707599f61efb9b11cbabfc
SSDEEP

3072:lX/8fIumU6ArDojilAKr3qbzr5246UrYAPGz07qVnyVz0i6X6t:XpWsjilAKubzU4TJQI0i6Kt

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

b1d96a3a160aedf1959016a2ad82864776097109fa4190e05ca65a92ef928087
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ocx
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE