7646d3bcd66a165adcfe6b5a86a9a041fa50e5b53214a418673eeb149249f36b

General

Target

7646d3bcd66a165adcfe6b5a86a9a041fa50e5b53214a418673eeb149249f36b
Size

463KB
MD5

9d5fbe894578fe41763ad91c559c9684
SHA1

1d7e4aab49b0203ae79f32c3d569c2bab5474d1d
SHA256

7646d3bcd66a165adcfe6b5a86a9a041fa50e5b53214a418673eeb149249f36b
SHA512

0ee8396066c33baf38c1aeb6eedfceda79e04375f16d0f00bf57cc9f464fa16f35df7e37945302c38150ec0110289fba36a5b57730af963c616c940547b00baa
SSDEEP

12288:df4EBh4CgZOQxmPvu3VYfypjMK4CZcP2So/Zo:df4EBheZOwmPvu5jMBt+x

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

7646d3bcd66a165adcfe6b5a86a9a041fa50e5b53214a418673eeb149249f36b
.exe windows x86

8864948b624a33b260714f546b0b4009

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
CreateThread
DeleteFileA
ExitProcess
ExitThread
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetTempFileNameA
GetTempPathA
GetVersionExA
LoadLibraryA
LoadLibraryExA
OpenProcess
WriteProcessMemory
VirtualAlloc
VirtualFree
WriteFile

Sections

UPX0
Size: - Virtual size: 276KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pe
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX0
Size: - Virtual size: 572KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 324KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8864948b624a33b260714f546b0b4009

Headers

File Characteristics

Imports

kernel32

Sections

UPX0 Size: - Virtual size: 276KB

UPX1 Size: 86KB - Virtual size: 88KB

.rsrc Size: 36KB - Virtual size: 40KB

.pe Size: 1024B - Virtual size: 4KB

UPX0 Size: - Virtual size: 572KB

UPX1 Size: 324KB - Virtual size: 328KB

.rsrc Size: 6KB - Virtual size: 8KB

pebundle Size: 8KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 276KB

UPX1
Size: 86KB - Virtual size: 88KB

.rsrc
Size: 36KB - Virtual size: 40KB

.pe
Size: 1024B - Virtual size: 4KB

UPX0
Size: - Virtual size: 572KB

UPX1
Size: 324KB - Virtual size: 328KB

.rsrc
Size: 6KB - Virtual size: 8KB

pebundle
Size: 8KB - Virtual size: 8KB