genCrossC2[.]Win[.]exe

General

Target

genCrossC2.Win.exe
Size

14.8MB
MD5

0669098ca2c43d73023d4b56921ab3a3
SHA1

f0d2d6a31db199682f57a58385921a09519b66aa
SHA256

a15065f3fe1e933003fe8cfcc1aa2f83287ce906ed254fd8db889dc4f864dc73
SHA512

a7d35cb7794d8d89169d44cb86c731597ee2d97b5c9011115e5d806ba97495665beab04a4be9a23b9ae2a5e6944b828601a93da8c4f73bae0523e8e3455aa1c7
SSDEEP

393216:FOimYZ1ZgWGbIxdmduULSMNXPfQAUJpifp7dRcfVdJvqOcQePOMAx:bmKrGbIudRr/fQAUEpRidvq5FAx

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

genCrossC2.Win.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 7.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 14.8MB - Virtual size: 14.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 12.5MB - Virtual size: 12.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 454KB - Virtual size: 454KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9.2MB - Virtual size: 9.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 7.8MB

UPX1 Size: 14.8MB - Virtual size: 14.8MB

UPX2 Size: 1024B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 12.5MB - Virtual size: 12.5MB

.rdata Size: 454KB - Virtual size: 454KB

.data Size: 9.2MB - Virtual size: 9.3MB

.pdata Size: 45KB - Virtual size: 45KB

.reloc Size: 18KB - Virtual size: 18KB

UPX0
Size: - Virtual size: 7.8MB

UPX1
Size: 14.8MB - Virtual size: 14.8MB

UPX2
Size: 1024B - Virtual size: 4KB

.text
Size: 12.5MB - Virtual size: 12.5MB

.rdata
Size: 454KB - Virtual size: 454KB

.data
Size: 9.2MB - Virtual size: 9.3MB

.pdata
Size: 45KB - Virtual size: 45KB

.reloc
Size: 18KB - Virtual size: 18KB