2e4c3ae32372bb1b189665e8e84c13bcc88e7f2c7459f71e075694fd3aaf8376

General

Target

2e4c3ae32372bb1b189665e8e84c13bcc88e7f2c7459f71e075694fd3aaf8376
Size

610KB
MD5

1c73c307773fedfccd544a6b6b0b55b9
SHA1

899ffd934e0b8a6df4b115c49df33fca524e2135
SHA256

2e4c3ae32372bb1b189665e8e84c13bcc88e7f2c7459f71e075694fd3aaf8376
SHA512

049211f9d07e3cca9f92dfb1bc2e0f6895586f9f36b2651ffb2de20f3573ba9d719aff27e67b996f4706852578e919810e3e6854eebf0aaff0d412d8cabc127d
SSDEEP

12288:mT9zGQU31phksyH0F8eHSE3BGAFTT/OAchocfoOG6FTvcDldnozRpXFqOO:mRyQUlGuLSE3BGAF//xlcfoO/IDr6FqO

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

resource	yara_rule
sample	upx

Files

2e4c3ae32372bb1b189665e8e84c13bcc88e7f2c7459f71e075694fd3aaf8376
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

TMethodImplementationIntercept

Sections

UPX0
Size: - Virtual size: 928KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 277KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 873KB - Virtual size: 872KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 24KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 250B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 107B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 20B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 928KB

UPX1 Size: 332KB - Virtual size: 332KB

.rsrc Size: 277KB - Virtual size: 280KB

Headers

File Characteristics

Sections

.text Size: 873KB - Virtual size: 872KB

.itext Size: 17KB - Virtual size: 17KB

.data Size: 23KB - Virtual size: 22KB

.bss Size: - Virtual size: 24KB

.idata Size: 4KB - Virtual size: 4KB

.didata Size: 512B - Virtual size: 250B

.edata Size: 512B - Virtual size: 107B

.tls Size: - Virtual size: 20B

.rdata Size: 512B - Virtual size: 93B

.rsrc Size: 276KB - Virtual size: 276KB

UPX0
Size: - Virtual size: 928KB

UPX1
Size: 332KB - Virtual size: 332KB

.rsrc
Size: 277KB - Virtual size: 280KB

.text
Size: 873KB - Virtual size: 872KB

.itext
Size: 17KB - Virtual size: 17KB

.data
Size: 23KB - Virtual size: 22KB

.bss
Size: - Virtual size: 24KB

.idata
Size: 4KB - Virtual size: 4KB

.didata
Size: 512B - Virtual size: 250B

.edata
Size: 512B - Virtual size: 107B

.tls
Size: - Virtual size: 20B

.rdata
Size: 512B - Virtual size: 93B

.rsrc
Size: 276KB - Virtual size: 276KB