ImDiskTk-x64[.]exe

General

Target

ImDiskTk-x64.exe
Size

583KB
MD5

39ed093fef44bf8cb0d0be32b4e810f6
SHA1

a988bdefb7b5794946fcf50c895c802efd12f4d7
SHA256

75edc1e0a789d8b05ca3afb550d5109ce1ceaa51012c772f5e7c220b703ce91f
SHA512

e36a078f5f99cc7b4cf027a53c6f0449c256b45018c3c6e2904bad62c52e0036b21fa3dcd73c54d425a7ec2f7fa9c967c8ebf9993b72d2885c70f6d252b6d277
SSDEEP

12288:AEgZyPYyciB3zcNPvtdc4w7AS+JWAC4FC7YKC1aDqRWj8pwnXC2zkCL:AEKycuDOdTlSp4FCMaqR68uXCu/L

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

ImDiskTk-x64.exe
.exe windows x64

Password: 666

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: 666

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 64KB

UPX1 Size: 17KB - Virtual size: 20KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 512B - Virtual size: 384B

.pdata Size: 1024B - Virtual size: 540B

.xdata Size: 1024B - Virtual size: 524B

.bss Size: - Virtual size: 16KB

.edata Size: 512B - Virtual size: 52B

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

UPX0
Size: - Virtual size: 64KB

UPX1
Size: 17KB - Virtual size: 20KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 512B - Virtual size: 384B

.pdata
Size: 1024B - Virtual size: 540B

.xdata
Size: 1024B - Virtual size: 524B

.bss
Size: - Virtual size: 16KB

.edata
Size: 512B - Virtual size: 52B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB