cactus4_509a533ade43406eb50fa9cb8984b2e10d008ad0ea8c22d0652f3ee101125bb7

Sharing

Copy URL

Twitter E-mail

General

Target

cactus4_509a533ade43406eb50fa9cb8984b2e10d008ad0ea8c22d0652f3ee101125bb7
Size

3.8MB
MD5

eba1596272ff695a1219b1380468293a
SHA1

00086dd2271c0de3d1ec5bb70fada4d84bf522e0
SHA256

509a533ade43406eb50fa9cb8984b2e10d008ad0ea8c22d0652f3ee101125bb7
SHA512

e32876b55fd466b5609571ef93de2b9245cc14613aff0429dd9461b1c55e8ec64feab5830baf5ea328fd63a6fe7c1d156850f8713f5e4d9f20ab35bc572750da
SSDEEP

98304:nZURD19rEs+VqqZTLi+AHrbO4SjmWz2kbeYStkEI5:nZU9nnqZTGHH24SjmWzrN

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
cactus4_509a533ade43406eb50fa9cb8984b2e10d008ad0ea8c22d0652f3ee101125bb7
unpack001/out.upx

Files

cactus4_509a533ade43406eb50fa9cb8984b2e10d008ad0ea8c22d0652f3ee101125bb7
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 4.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

OPENSSL_Applink

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 623KB - Virtual size: 622KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 681KB - Virtual size: 681KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 203KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 77B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 801KB - Virtual size: 800KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/78
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/94
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/110
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 4.2MB

UPX1 Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 3.2MB - Virtual size: 3.2MB

.data Size: 12KB - Virtual size: 12KB

.rdata Size: 623KB - Virtual size: 622KB

/4 Size: 681KB - Virtual size: 681KB

.bss Size: - Virtual size: 203KB

.edata Size: 512B - Virtual size: 77B

.idata Size: 9KB - Virtual size: 8KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 113KB - Virtual size: 113KB

/14 Size: 5KB - Virtual size: 5KB

/29 Size: 801KB - Virtual size: 800KB

/41 Size: 49KB - Virtual size: 49KB

/55 Size: 90KB - Virtual size: 90KB

/67 Size: 12KB - Virtual size: 11KB

/78 Size: 33KB - Virtual size: 32KB

/94 Size: 75KB - Virtual size: 75KB

/110 Size: 5KB - Virtual size: 5KB

UPX0
Size: - Virtual size: 4.2MB

UPX1
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 3.2MB - Virtual size: 3.2MB

.data
Size: 12KB - Virtual size: 12KB

.rdata
Size: 623KB - Virtual size: 622KB

/4
Size: 681KB - Virtual size: 681KB

.bss
Size: - Virtual size: 203KB

.edata
Size: 512B - Virtual size: 77B

.idata
Size: 9KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 113KB - Virtual size: 113KB

/14
Size: 5KB - Virtual size: 5KB

/29
Size: 801KB - Virtual size: 800KB

/41
Size: 49KB - Virtual size: 49KB

/55
Size: 90KB - Virtual size: 90KB

/67
Size: 12KB - Virtual size: 11KB

/78
Size: 33KB - Virtual size: 32KB

/94
Size: 75KB - Virtual size: 75KB

/110
Size: 5KB - Virtual size: 5KB