1ca52436a2e88c22db22494952d9099d930c8e0554d214925fcee8eb311e5861

General

Target

1ca52436a2e88c22db22494952d9099d930c8e0554d214925fcee8eb311e5861
Size

377KB
MD5

c8a93aae473fce119b68868344e2f4e4
SHA1

df228ffba9cea2c75b717a1caf254410ecce802e
SHA256

1ca52436a2e88c22db22494952d9099d930c8e0554d214925fcee8eb311e5861
SHA512

bfaf3415ec0d7137c07e34238a03621dd8f2a05c4d3ef02b1f2cbe52f35c6acf085172b0f66a073374b9cba241b76d98f8c750666a2c1f3c142dfe682a42c04e
SSDEEP

6144:yBTxxkLwdra8MRdFuPGDvivCT9zffV9ofjRYZcqZZyDG+OrC38:yBcLwNaNN/jivwVGbRYZcSZyG+OrCs

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

1ca52436a2e88c22db22494952d9099d930c8e0554d214925fcee8eb311e5861
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 856KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 306KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

??0ScreenShot@@QAE@ABV0@@Z
??0ScreenShot@@QAE@XZ
??1ScreenShot@@UAE@XZ
??4ScreenShot@@QAEAAV0@ABV0@@Z
??_7ScreenShot@@6B@
?CreateScreenShot@@YAPAVScreenShot@@PAVDelegate@1@@Z
?DestroyScreenShot@@YAXPAVScreenShot@@@Z

Sections

.text
Size: 465KB - Virtual size: 465KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 492KB - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 856KB

UPX1 Size: 306KB - Virtual size: 308KB

.rsrc Size: 70KB - Virtual size: 72KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 465KB - Virtual size: 465KB

.rdata Size: 119KB - Virtual size: 119KB

.data Size: 10KB - Virtual size: 19KB

.rsrc Size: 492KB - Virtual size: 492KB

.reloc Size: 32KB - Virtual size: 31KB

UPX0
Size: - Virtual size: 856KB

UPX1
Size: 306KB - Virtual size: 308KB

.rsrc
Size: 70KB - Virtual size: 72KB

.text
Size: 465KB - Virtual size: 465KB

.rdata
Size: 119KB - Virtual size: 119KB

.data
Size: 10KB - Virtual size: 19KB

.rsrc
Size: 492KB - Virtual size: 492KB

.reloc
Size: 32KB - Virtual size: 31KB