674bcb87471a5625ff788179d82c5701057d43422600b5b6f86875058a5ad82d

General

Target

674bcb87471a5625ff788179d82c5701057d43422600b5b6f86875058a5ad82d
Size

591KB
MD5

3235d71ecf06f8fb5c7169d1e2534400
SHA1

2dc2ddef44fc0b752b7e55c6670ab46dd4a054b0
SHA256

674bcb87471a5625ff788179d82c5701057d43422600b5b6f86875058a5ad82d
SHA512

64c829319cf48f68ddc2f925092c711f986f9c5d4c05eb95c774f6bd3790318ac7a1412b55f9aa9b83ac9029f2d0e7323d2af14af31d3ca474a63dfbdf014ad3
SSDEEP

12288:sIJW6yARitudbtYJ04YsPkJW7P/cx2Qmfp3rUBBoagX9wgqnp4Ug:sy/EtISS4kBOfCB6agX9RUg

Score

9^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/NF-(e)40001875500.cpl	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/NF-(e)40001875500.cpl	upx

Files

674bcb87471a5625ff788179d82c5701057d43422600b5b6f86875058a5ad82d
.zip
NF-(e)40001875500.cpl
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 500KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 602KB - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 594KB - Virtual size: 594KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 500KB

UPX1 Size: 602KB - Virtual size: 604KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 594KB - Virtual size: 594KB

.itext Size: 1KB - Virtual size: 1KB

.data Size: 43KB - Virtual size: 43KB

.bss Size: - Virtual size: 20KB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 40KB - Virtual size: 40KB

.rsrc Size: 355KB - Virtual size: 355KB

UPX0
Size: - Virtual size: 500KB

UPX1
Size: 602KB - Virtual size: 604KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 594KB - Virtual size: 594KB

.itext
Size: 1KB - Virtual size: 1KB

.data
Size: 43KB - Virtual size: 43KB

.bss
Size: - Virtual size: 20KB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 355KB - Virtual size: 355KB