ac115af5d17fb1324f9ece055d66cd9c66239a80df6172dc02b0b485679d47df | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac115af5d17fb1324f9ece055d66cd9c66239a80df6172dc02b0b485679d47df
Size

914KB
MD5

34693c7a794c3f8b5e033221789f8d54
SHA1

b3fdf3fa7bbf6fc955c8ac4641c0bfef8e7afb87
SHA256

ac115af5d17fb1324f9ece055d66cd9c66239a80df6172dc02b0b485679d47df
SHA512

efb3af4f625b748a22798753f6fd025ff03995e8d91e91b30187c3cccf7bdc57606f9a884c36569849c590a95dd56dd773c83266d540afd396b2fdbfcca6f4a0
SSDEEP

24576:VlDN3bH69UBaacw5mgbyZ97CBN1zAjqrZ0MGCPfHP:NbHi2DcM5byZ97edaq9l/P

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

ac115af5d17fb1324f9ece055d66cd9c66239a80df6172dc02b0b485679d47df
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 689KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE