4bd7686dfdc21d3763deecc2bb8a238eb1848fe8328411aabded29d08a529398

General

Target

4bd7686dfdc21d3763deecc2bb8a238eb1848fe8328411aabded29d08a529398
Size

3.2MB
MD5

337e4fd5e423ee5e716ed7ee270bcd00
SHA1

6390cf1f9b5a7e5dc3494d603c634e8b5c9b6233
SHA256

4bd7686dfdc21d3763deecc2bb8a238eb1848fe8328411aabded29d08a529398
SHA512

e44814ffdfda11c7f2461b3ec8fa587bf2ca28b8f48b28a9bf103d5a3faf3e5293995c88e8e625eb71f856b5e5160f52ef011a5decd3acd4b1029aa63591e724
SSDEEP

98304:/O3162ZzwKTsGPSlqkH/s7SyBdSez0Onb2GxfU0C3uu9pzBggmgH1kYb/B:23M2t7QZH1yTQKcvB9pz3V3zB

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

4bd7686dfdc21d3763deecc2bb8a238eb1848fe8328411aabded29d08a529398
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 2.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 46KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 620B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 109B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.1MB

UPX1 Size: 3.2MB - Virtual size: 3.2MB

.rsrc Size: 3KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.data Size: 200KB - Virtual size: 199KB

.bss Size: - Virtual size: 46KB

.idata Size: 15KB - Virtual size: 14KB

.didata Size: 3KB - Virtual size: 3KB

.edata Size: 512B - Virtual size: 156B

.tls Size: - Virtual size: 620B

.rdata Size: 512B - Virtual size: 109B

.pdata Size: 117KB - Virtual size: 117KB

.rsrc Size: 2.3MB - Virtual size: 2.3MB

UPX0
Size: - Virtual size: 2.1MB

UPX1
Size: 3.2MB - Virtual size: 3.2MB

.rsrc
Size: 3KB - Virtual size: 4KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 200KB - Virtual size: 199KB

.bss
Size: - Virtual size: 46KB

.idata
Size: 15KB - Virtual size: 14KB

.didata
Size: 3KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 156B

.tls
Size: - Virtual size: 620B

.rdata
Size: 512B - Virtual size: 109B

.pdata
Size: 117KB - Virtual size: 117KB

.rsrc
Size: 2.3MB - Virtual size: 2.3MB