2dcffc289b981466d05dda2ec9795f8709198ae9f0f082b87227ad1e3fd03fac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2dcffc289b981466d05dda2ec9795f8709198ae9f0f082b87227ad1e3fd03fac
Size

642KB
MD5

5bbba0fe098cb9fd09ca18edfb00bdfe
SHA1

349c959463a464b012fe449262942c47be86589d
SHA256

2dcffc289b981466d05dda2ec9795f8709198ae9f0f082b87227ad1e3fd03fac
SHA512

e597ecb388b99dfb26b293da6324dbd92d018ab6593f2f327e2c1487cf98ffc2d3895fbca4aa0a0b34c31a542d1f70443f144eb54238e7d8a02e617df2d8a523
SSDEEP

12288:mvccb5QPu7cKea+iFOxCZJkuSgTu4jU/Y5QU9RWIS4tNOx2PvJI/GwQ8QCohqtC0:mkw2Ke0oxCZJkuSgTu4jU/Y5QAy4tNOi

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

2dcffc289b981466d05dda2ec9795f8709198ae9f0f082b87227ad1e3fd03fac
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newIID
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE