00d5e412b5291821d1d494e993d6df45002cdedb9c750e4133f73ec6a67653ee

General

Target

00d5e412b5291821d1d494e993d6df45002cdedb9c750e4133f73ec6a67653ee
Size

3.2MB
MD5

92a57e8a84eb3be8af9c64753c30781b
SHA1

bd0717580833a366d3c2b4f8b368095714c4c98d
SHA256

00d5e412b5291821d1d494e993d6df45002cdedb9c750e4133f73ec6a67653ee
SHA512

dd3bcb529dfaab3470c62ee263cef66a3675cd3375d6f8b043b67f2a22564f86d0318c4fc79ad87e0579d2ceff93677745fecdab926141d5687ee3b5cb5753c2
SSDEEP

98304:3O3162ZzYTU8dGrBsyJ8fx6E73scUObEg7HYVZJLZ3KOu:e3M2t6UBrBur78Sp7sxX

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

00d5e412b5291821d1d494e993d6df45002cdedb9c750e4133f73ec6a67653ee
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 2.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 46KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 620B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 109B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.1MB

UPX1 Size: 3.2MB - Virtual size: 3.2MB

.rsrc Size: 3KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.data Size: 200KB - Virtual size: 199KB

.bss Size: - Virtual size: 46KB

.idata Size: 15KB - Virtual size: 14KB

.didata Size: 3KB - Virtual size: 3KB

.edata Size: 512B - Virtual size: 156B

.tls Size: - Virtual size: 620B

.rdata Size: 512B - Virtual size: 109B

.pdata Size: 117KB - Virtual size: 117KB

.rsrc Size: 2.3MB - Virtual size: 2.3MB

UPX0
Size: - Virtual size: 2.1MB

UPX1
Size: 3.2MB - Virtual size: 3.2MB

.rsrc
Size: 3KB - Virtual size: 4KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 200KB - Virtual size: 199KB

.bss
Size: - Virtual size: 46KB

.idata
Size: 15KB - Virtual size: 14KB

.didata
Size: 3KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 156B

.tls
Size: - Virtual size: 620B

.rdata
Size: 512B - Virtual size: 109B

.pdata
Size: 117KB - Virtual size: 117KB

.rsrc
Size: 2.3MB - Virtual size: 2.3MB