ad65c1f3a691fb7cc2c633bf5e520155f5140e5fc205288a7639cc51eacae036

Sharing

Copy URL Twitter E-mail

General

Target

ad65c1f3a691fb7cc2c633bf5e520155f5140e5fc205288a7639cc51eacae036
Size

87KB
MD5

7bfd5e7daf7a3e0a1bd5639dca17e740
SHA1

7c4542f21d3d98f06088044af84ef84a865dee74
SHA256

ad65c1f3a691fb7cc2c633bf5e520155f5140e5fc205288a7639cc51eacae036
SHA512

1299a8a96c48a1e3c31b3d431b730e490b26f58c16cb8f5495334bb0fb939ec911d70482d9cfa18748e4d4b2c8bd9e2b86428160e0250f6049bf3083b0b50ecc
SSDEEP

1536:rZRt43XoOoOtyjEpsTB+3SwrA9qqi2HxQAo0Vz2seEQIOcCj4wTl+baQct1Girur:rZ+XDPyYaQCn9o4/o0JUQkYFs1R6

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

ad65c1f3a691fb7cc2c633bf5e520155f5140e5fc205288a7639cc51eacae036
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.peshit
Size: 50B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.y0da
Size: 50B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX0
Size: 50B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PESHLD
Size: 50B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PKLITE
Size: 50B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.arma
Size: 50B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ORiEN
Size: 50B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stealth
Size: 50B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tElock
Size: 50B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SVKP
Size: 50B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Guard
Size: 50B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tElock
Size: 50B - Virtual size: 50B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 1KB - Virtual size: 3KB

.rsrc Size: 85KB - Virtual size: 85KB

.peshit Size: 50B - Virtual size: 50B

.y0da Size: 50B - Virtual size: 50B

.UPX0 Size: 50B - Virtual size: 50B

PESHLD Size: 50B - Virtual size: 50B

.PKLITE Size: 50B - Virtual size: 50B

.arma Size: 50B - Virtual size: 50B

ORiEN Size: 50B - Virtual size: 50B

.stealth Size: 50B - Virtual size:

tElock Size: 50B - Virtual size: 50B

SVKP Size: 50B - Virtual size: 50B

Guard Size: 50B - Virtual size: 50B

tElock Size: 50B - Virtual size: 50B

.text
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 85KB - Virtual size: 85KB

.peshit
Size: 50B - Virtual size: 50B

.y0da
Size: 50B - Virtual size: 50B

.UPX0
Size: 50B - Virtual size: 50B

PESHLD
Size: 50B - Virtual size: 50B

.PKLITE
Size: 50B - Virtual size: 50B

.arma
Size: 50B - Virtual size: 50B

ORiEN
Size: 50B - Virtual size: 50B

.stealth
Size: 50B - Virtual size:

tElock
Size: 50B - Virtual size: 50B

SVKP
Size: 50B - Virtual size: 50B

Guard
Size: 50B - Virtual size: 50B

tElock
Size: 50B - Virtual size: 50B