bf14a21240050326c7196f8da37d4e8be0df221efa742b5bedb5d5e41f0a2815 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf14a21240050326c7196f8da37d4e8be0df221efa742b5bedb5d5e41f0a2815
Size

3.0MB
MD5

908dc814d5225312deced8234ea1f435
SHA1

8529d11de62e0922ba9cb3027374a68bf2d8fc3b
SHA256

bf14a21240050326c7196f8da37d4e8be0df221efa742b5bedb5d5e41f0a2815
SHA512

4fc4371f9b31da8951863534311db0bc8ddffe1937f00ae6d24596fc333114162348b4c284931fe344652cae3b963e31e10b3bd59d74b95893217a797b9203c4
SSDEEP

49152:nvo1qaU91l1UVsgUyp3fZbqNkGOKT95+ePK6ycKEOnInjw3Pey0/9zrbxLMQ:nvo1OH15mpx2OoxC63KEsInAPe3/9zKQ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

bf14a21240050326c7196f8da37d4e8be0df221efa742b5bedb5d5e41f0a2815
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 712KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 499KB - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 824KB - Virtual size: 822KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ