ddc922e6e7fd966d3df7c311756f94dfb25b10140434839a355f7e958f3db032

General

Target

ddc922e6e7fd966d3df7c311756f94dfb25b10140434839a355f7e958f3db032
Size

800KB
MD5

6bece360afebc63a13068d8da2018284
SHA1

496659874682423122e037efd31bc13812d3859b
SHA256

ddc922e6e7fd966d3df7c311756f94dfb25b10140434839a355f7e958f3db032
SHA512

a60efb777e5567d6ef0182d967d83ef74b5adfd45612a87f52ee9808c26e736454432c7f83369abbd8a83e1d4d01b1725c71bf22868187c8dc3970c179925dd1
SSDEEP

12288:5SWW8DQtiwCNFuWl1pq1VIeVeaPbl670Z+9TbaupOLuG14M0jW4/Fj:kWWemi5yW/pqFBbl64KSu0LuI4JNj

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

ddc922e6e7fd966d3df7c311756f94dfb25b10140434839a355f7e958f3db032
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 256KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 163KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

Interop_CreateInstance
Interop_Init
Interop_Remove
Interop_SetOption

Sections

.text
Size: 245KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 256KB

UPX1 Size: 163KB - Virtual size: 164KB

.rsrc Size: 93KB - Virtual size: 96KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 245KB - Virtual size: 244KB

.rdata Size: 46KB - Virtual size: 45KB

.data Size: 10KB - Virtual size: 29KB

.rsrc Size: 57KB - Virtual size: 56KB

.reloc Size: 13KB - Virtual size: 12KB

UPX0
Size: - Virtual size: 256KB

UPX1
Size: 163KB - Virtual size: 164KB

.rsrc
Size: 93KB - Virtual size: 96KB

.text
Size: 245KB - Virtual size: 244KB

.rdata
Size: 46KB - Virtual size: 45KB

.data
Size: 10KB - Virtual size: 29KB

.rsrc
Size: 57KB - Virtual size: 56KB

.reloc
Size: 13KB - Virtual size: 12KB