2e0cf0269a516e6354dbcf460a372e96c6fbfb3da0fb48dd195896227b5444da

General

Target

2e0cf0269a516e6354dbcf460a372e96c6fbfb3da0fb48dd195896227b5444da
Size

224KB
MD5

82a6f9e626a03b0b977ea04d900caf3a
SHA1

67868c93632077a4fdfb065ffcb4883b4b75cfa5
SHA256

2e0cf0269a516e6354dbcf460a372e96c6fbfb3da0fb48dd195896227b5444da
SHA512

8cc52f07ca5a95a71a7110942e0bb570fe54e9bd5efe0e998c2924852b8e0f63b16ec211a1844205f2003a9608f7e16341449b211a91d2f628e67c67a81de87e
SSDEEP

3072:Wr2LElGEeEDfqnSi0w3VkRI+2VzizLXeIVeBTjTXliJkqYYPmds0YAYXR9pef+it:ZPiJkq8pjyWjK6c2Xkmzh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2e0cf0269a516e6354dbcf460a372e96c6fbfb3da0fb48dd195896227b5444da
unpack001/out.upx

NSIS installer 1 IoCs

installer

resource	yara_rule
static1/unpack001/out.upx	nsis_installer_2

Files

2e0cf0269a516e6354dbcf460a372e96c6fbfb3da0fb48dd195896227b5444da
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 3.8MB

UPX1 Size: 21KB - Virtual size: 24KB

.rsrc Size: 152KB - Virtual size: 152KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 3.6MB

.ndata Size: - Virtual size: 32KB

.rsrc Size: 148KB - Virtual size: 147KB

UPX0
Size: - Virtual size: 3.8MB

UPX1
Size: 21KB - Virtual size: 24KB

.rsrc
Size: 152KB - Virtual size: 152KB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 3.6MB

.ndata
Size: - Virtual size: 32KB

.rsrc
Size: 148KB - Virtual size: 147KB