ac9973e84893d199136ec64e314bded62d14be7064fff52b59e24edfac260235 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac9973e84893d199136ec64e314bded62d14be7064fff52b59e24edfac260235
Size

23KB
MD5

8a174a1cf4b0b9b88c375a593a63937b
SHA1

73d7a15ec6ff9024a8d09f59f7e4166ddbb9a788
SHA256

ac9973e84893d199136ec64e314bded62d14be7064fff52b59e24edfac260235
SHA512

6bbec8ca5984fd982ff58e4817580aa562958b8d6b6953ff4db8ca705fac0e4cb7ac8e60eb16138ba0ce32b66bedbffa6848b03f7029321a8b56d11ef756f08b
SSDEEP

384:WATUE4zishrRSWw16KTwu7367zUgoeVF1NtYM0bnDcOm15LzxZYk4jE6gcGAgHy:XP4zis2X5BuzFvWNDKLzxZ6ErA

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

ac9973e84893d199136ec64e314bded62d14be7064fff52b59e24edfac260235
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE