fe8300a19b9d6be8a6cf7d8c0e61d89d6c1a18f3f0f8d49b6757773d4c272cab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe8300a19b9d6be8a6cf7d8c0e61d89d6c1a18f3f0f8d49b6757773d4c272cab
Size

216KB
MD5

c49e67223f2f15afbd31f408d2a14c78
SHA1

b9ee966daa0b1cdf6a86752fac5a41a68dfd8521
SHA256

fe8300a19b9d6be8a6cf7d8c0e61d89d6c1a18f3f0f8d49b6757773d4c272cab
SHA512

695e7f9787359376098cacef51024f80c15e051f6ac0b73135b07b559c7523fa0cd043b01d818efc4140b8189115d4adf540521b7da4b85bc2f320d6bf8f3ec4
SSDEEP

3072:XLN1cZFXovzA3WqCWXxF/LkrCW/ZDHngDgk5V:XLjcMvM3hCWBM/ZD

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

fe8300a19b9d6be8a6cf7d8c0e61d89d6c1a18f3f0f8d49b6757773d4c272cab
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uyimmcs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE