cb4b7a91f0b329de8afd1c80c83d21c9c626a22d906da9cb1b7beacff5d67586 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb4b7a91f0b329de8afd1c80c83d21c9c626a22d906da9cb1b7beacff5d67586
Size

361KB
MD5

4712e53f35bae054f200d3890c3a12d4
SHA1

853b8b872250aa8e36e8b4ac5026249506347017
SHA256

cb4b7a91f0b329de8afd1c80c83d21c9c626a22d906da9cb1b7beacff5d67586
SHA512

b2e206c3983f73b757ebcf26f42e197cf053f5197d1df7a3cc4e5c1659f8581a24fb5abdc9373ee8e978034b31a4cc63050694c71f8c89463890bcccf7dccab8
SSDEEP

6144:ZK2ZcegAhRYaK69dzSW36DNzOSAQqOR7VahohOEIAq4JCY8U4mV7RY0uklRZm47p:YQPhKUSW5zQqORZGMhwW7RRhB7+tT

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

cb4b7a91f0b329de8afd1c80c83d21c9c626a22d906da9cb1b7beacff5d67586
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 680KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 331KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 592KB - Virtual size: 591KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ