bb1b853252b372813229092021a2eb1dab1891893c0a10b7527c596c922e2aad

General

Target

bb1b853252b372813229092021a2eb1dab1891893c0a10b7527c596c922e2aad
Size

197KB
MD5

0df37cb6cad062a77119be8e794edea0
SHA1

82f3a0b560b46be7011befc6bcb8a09662cc30f9
SHA256

bb1b853252b372813229092021a2eb1dab1891893c0a10b7527c596c922e2aad
SHA512

6f596931571715f8aec8902d4760bd66b4117f34692cb3ecc2f48ef36a0b722f2c19c6fa836eaffd604fab9fd81dc3eed61d0ac76b5b44d452915c20e8451fd3
SSDEEP

3072:E5n/aAJkuR2eFGXyeq4cp+s5aByQEKPeUM6zTg/wiShj0yV:E5CAiM2e0UXHdKP31I4nZV

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

bb1b853252b372813229092021a2eb1dab1891893c0a10b7527c596c922e2aad
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 540KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo

Sections

CODE
Size: 139KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 42KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.INIT
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 540KB

UPX1 Size: 79KB - Virtual size: 80KB

UPX2 Size: 31KB - Virtual size: 32KB

.rmnet Size: 86KB - Virtual size: 88KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 139KB - Virtual size: 140KB

DATA Size: 42KB - Virtual size: 448KB

.INIT Size: 3KB - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 9KB - Virtual size: 12KB

UPX0
Size: - Virtual size: 540KB

UPX1
Size: 79KB - Virtual size: 80KB

UPX2
Size: 31KB - Virtual size: 32KB

.rmnet
Size: 86KB - Virtual size: 88KB

CODE
Size: 139KB - Virtual size: 140KB

DATA
Size: 42KB - Virtual size: 448KB

.INIT
Size: 3KB - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 9KB - Virtual size: 12KB