Windows 7 IconPack By 2013Windows8[.]1[.]exe | Triage

Sharing

General

Target

Windows 7 IconPack By 2013Windows8.1.exe
Size

15.2MB
MD5

d54c644994f501358b6074a0ce2f331b
SHA1

863d56e70d675eab6e83909fb587ad9e802bcce2
SHA256

24a7869b1b222cc2eae561421b7f0c83048ca4c157d44718102a3e674a412e99
SHA512

404910ea4caad2d05d9a2292b62d46355d98fb9c9577c4fc5838c6507deb84aabde02ec6557fa36d25ce4829322ef8da315f2573268117da07490bee49f51d7a
SSDEEP

393216:sCBY2ekC/ialj+VaCVeNnCrPYFjvnfIlclildwvki/rsJwN1N:p7+iat+4CkNCEF7fIlldwPrsaTN

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

Windows 7 IconPack By 2013Windows8.1.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ