9ff0c02d61fc213bc32b5dba8bc1a49789f70563ab204fb8489155e4e8ac09b9

General

Target

9ff0c02d61fc213bc32b5dba8bc1a49789f70563ab204fb8489155e4e8ac09b9
Size

4.6MB
MD5

5234aed1c0fa7c797925dbb9c1bcce7c
SHA1

4f819e4ba3a98ed2c3d6da4618fbc1ab1d226595
SHA256

9ff0c02d61fc213bc32b5dba8bc1a49789f70563ab204fb8489155e4e8ac09b9
SHA512

6e6e0d5db2851aa25ac37f32aaa059c955e6134373dd6be83d45c3d22059cb8d4ce68cfc434b2fd92266d14c7afcee930ba4de258e82c4d27b37fa84a61ac2e4
SSDEEP

98304:t0lYj7bSIm1jYSMvHGJunGz03CxhXvzJf6Uknw9A:hSavmJunGA3Cvfzd/knw

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

9ff0c02d61fc213bc32b5dba8bc1a49789f70563ab204fb8489155e4e8ac09b9
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 27.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 123KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 700KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27.9MB - Virtual size: 27.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 27.4MB

UPX1 Size: 4.4MB - Virtual size: 4.4MB

.rsrc Size: 123KB - Virtual size: 124KB

Headers

File Characteristics

Sections

CODE Size: 2.9MB - Virtual size: 2.9MB

DATA Size: 122KB - Virtual size: 121KB

BSS Size: - Virtual size: 700KB

.idata Size: 15KB - Virtual size: 14KB

.tls Size: - Virtual size: 20B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 143KB - Virtual size: 143KB

.rsrc Size: 27.9MB - Virtual size: 27.9MB

UPX0
Size: - Virtual size: 27.4MB

UPX1
Size: 4.4MB - Virtual size: 4.4MB

.rsrc
Size: 123KB - Virtual size: 124KB

CODE
Size: 2.9MB - Virtual size: 2.9MB

DATA
Size: 122KB - Virtual size: 121KB

BSS
Size: - Virtual size: 700KB

.idata
Size: 15KB - Virtual size: 14KB

.tls
Size: - Virtual size: 20B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 143KB - Virtual size: 143KB

.rsrc
Size: 27.9MB - Virtual size: 27.9MB