29fe09a958ace54f54477727ee1f678430e33096d4ced4ebd8dcb9c1e3c38840 | Triage

Sharing

General

Target

29fe09a958ace54f54477727ee1f678430e33096d4ced4ebd8dcb9c1e3c38840
Size

878KB
MD5

ca91498fe51a8c29ac458c74e59c00c4
SHA1

15dbab70167a91ce30ac8d331ae506657e3af16e
SHA256

29fe09a958ace54f54477727ee1f678430e33096d4ced4ebd8dcb9c1e3c38840
SHA512

6cbc05c963c99f9ceca44ccd8357df7efa5a7e8d067981336096bf1eb1ba37d7d4e19b08064268d50d4c1667a0b863c496617a84a7f9d5d5e5a7d1ea41e2e87b
SSDEEP

24576:DAeTigak/tRu1A8qWrJzWJsWmA6qKBqJemZ3:Dvxe5G3

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

29fe09a958ace54f54477727ee1f678430e33096d4ced4ebd8dcb9c1e3c38840
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 360KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 145KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma1
Size: 460KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE