ff1b91bdb3082a919ad13fe6707c04a9e2b5d58056d9ea18f2a5ef149ab40f21

General

Target

ff1b91bdb3082a919ad13fe6707c04a9e2b5d58056d9ea18f2a5ef149ab40f21
Size

823KB
MD5

83caf0df2f7af14d23446a74d717200b
SHA1

356bb5fb616f83f5b9811d99582abbc6fc56d993
SHA256

ff1b91bdb3082a919ad13fe6707c04a9e2b5d58056d9ea18f2a5ef149ab40f21
SHA512

970ca0d040685f7e4dd9ed8b6838c8ca4da44108616a6c269316bcce3f9da640f581ee6fb6f4c6867834ee6b8e8321b33aebf8fef29c7716297b6fce1148b2ac
SSDEEP

24576:FlbB9e/4UFTK8IX0DrQv7R0tN2KmZzoLp4LVD6:jB9QFXmMW10P2K/duh6

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ff1b91bdb3082a919ad13fe6707c04a9e2b5d58056d9ea18f2a5ef149ab40f21
unpack001/out.upx

Files

ff1b91bdb3082a919ad13fe6707c04a9e2b5d58056d9ea18f2a5ef149ab40f21
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 2.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 800KB - Virtual size: 800KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 581KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 20B

IMAGE_SCN_MEM_DISCARDABLE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.1MB

UPX1 Size: 800KB - Virtual size: 800KB

.rsrc Size: 20KB - Virtual size: 20KB

Headers

File Characteristics

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.data Size: 581KB - Virtual size: 580KB

.rdata Size: 14KB - Virtual size: 14KB

.bss Size: - Virtual size: 24KB

.CRT Size: 512B - Virtual size: 4B

.idata Size: 12KB - Virtual size: 12KB

.rsrc Size: 187KB - Virtual size: 187KB

/4 Size: 512B - Virtual size: 20B

UPX0
Size: - Virtual size: 2.1MB

UPX1
Size: 800KB - Virtual size: 800KB

.rsrc
Size: 20KB - Virtual size: 20KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 581KB - Virtual size: 580KB

.rdata
Size: 14KB - Virtual size: 14KB

.bss
Size: - Virtual size: 24KB

.CRT
Size: 512B - Virtual size: 4B

.idata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 187KB - Virtual size: 187KB

/4
Size: 512B - Virtual size: 20B