d97eaedcc43aae295c35a42a94017b89074cb40e47d0fff49367cd2a85bfec90 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d97eaedcc43aae295c35a42a94017b89074cb40e47d0fff49367cd2a85bfec90
Size

22KB
MD5

5b7513471d865aaa71aa403091bacca8
SHA1

1636c6a63e1ff3d7fc8ad7b6ffba3dc6f894a2a8
SHA256

d97eaedcc43aae295c35a42a94017b89074cb40e47d0fff49367cd2a85bfec90
SHA512

a41eb8cecca21eaa5a1e88fa0bfdfbae19963698b29304ac1e4eef93e7250bfcfe4e3f9b588f63e02a3c544c20fee96ac7fb9a74d5476b048e43c3518244a888
SSDEEP

384:iJmYO5cFioBUKiAL2pEwUfa9dcshoCJlK4v+qBUGlzKMWKpmxVo:ImsAuL2pEwMa9i1kyavvc

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

d97eaedcc43aae295c35a42a94017b89074cb40e47d0fff49367cd2a85bfec90
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE