25ed50c1b978ca2ed83520c8c04ff98794807f42e7fe7c3b3e13f6152467ea2c

General

Target

25ed50c1b978ca2ed83520c8c04ff98794807f42e7fe7c3b3e13f6152467ea2c
Size

313KB
MD5

f6a8a0703497ec2891f75b78016175e6
SHA1

8bf8eb3d5470744c554ca847d4fc240cb41fdf1d
SHA256

25ed50c1b978ca2ed83520c8c04ff98794807f42e7fe7c3b3e13f6152467ea2c
SHA512

eb03f46791186e3f16b2241c63c616a551f2e2c8614d714086419f2e69462b2f72effe0a8611a1d6af8c873b21cd3fe40ac0f87de2e75edb5bed466512662ad4
SSDEEP

6144:/+D888pPbIfxB6JZqkN1eGP2a383vTxLX1GHqtX:c8KZwleGuaqF1uq

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

25ed50c1b978ca2ed83520c8c04ff98794807f42e7fe7c3b3e13f6152467ea2c
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 656KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 204KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 239KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 656KB

UPX1 Size: 204KB - Virtual size: 208KB

.rsrc Size: 108KB - Virtual size: 108KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 239KB - Virtual size: 239KB

.rdata Size: 102KB - Virtual size: 102KB

.data Size: 20KB - Virtual size: 306KB

.pdata Size: 8KB - Virtual size: 8KB

.data1 Size: 1024B - Virtual size: 520B

.trace Size: 10KB - Virtual size: 9KB

_RDATA Size: 2KB - Virtual size: 1KB

.rsrc Size: 160KB - Virtual size: 159KB

.reloc Size: 3KB - Virtual size: 3KB

UPX0
Size: - Virtual size: 656KB

UPX1
Size: 204KB - Virtual size: 208KB

.rsrc
Size: 108KB - Virtual size: 108KB

.text
Size: 239KB - Virtual size: 239KB

.rdata
Size: 102KB - Virtual size: 102KB

.data
Size: 20KB - Virtual size: 306KB

.pdata
Size: 8KB - Virtual size: 8KB

.data1
Size: 1024B - Virtual size: 520B

.trace
Size: 10KB - Virtual size: 9KB

_RDATA
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 160KB - Virtual size: 159KB

.reloc
Size: 3KB - Virtual size: 3KB