b2d5ca50d8250c390d0f2c8910f8cb9ebad0e166ef55a4ec93bc22d29e2b2a6f | Triage

Sharing

General

Target

b2d5ca50d8250c390d0f2c8910f8cb9ebad0e166ef55a4ec93bc22d29e2b2a6f
Size

312KB
MD5

b37649cfab412557e820912083b767f2
SHA1

1edcc2f83dfef38c463651dee9752c2246eb39c6
SHA256

b2d5ca50d8250c390d0f2c8910f8cb9ebad0e166ef55a4ec93bc22d29e2b2a6f
SHA512

8b80ef1e64fef8323afbc6e8ef3ec095e79b6d9c0ab2453af58af68f2f55515084d0b0cad8ec7d87e43aa7a36c519f6e203bf12b4ccfc4ba7379979fa0fe3daa
SSDEEP

3072:Pb1aWkrcU4gTy7LNcjU1PiQsbQXyFjKUSS/hezE6q0vCg:Ba+eAxcjki3sCVKUh/cE6q0f

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

b2d5ca50d8250c390d0f2c8910f8cb9ebad0e166ef55a4ec93bc22d29e2b2a6f
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newIID
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE