5a1c1ea4c2b17442c5d68fc3f52c18b4fd2e95b8084b2f71e7e84520882a4b8a

Sharing

Copy URL Twitter E-mail

General

Target

5a1c1ea4c2b17442c5d68fc3f52c18b4fd2e95b8084b2f71e7e84520882a4b8a
Size

3.5MB
MD5

dbfa9b2599c9fe2797b9b4c48d63f100
SHA1

8dd872bd36aacabf59bfd01f12d6bd40ce8b6e3a
SHA256

5a1c1ea4c2b17442c5d68fc3f52c18b4fd2e95b8084b2f71e7e84520882a4b8a
SHA512

6b786553167b927e0956ae63d391e2e66fb95f7d10849bbcfa2d65edb2b73ce3b303479b81bcf194f65d888afec537a4fdbb636171977fdc4026aaadc54f53f2
SSDEEP

98304:Mj5Gsb1vB2YvzAbg7nZrnA6QHWqr6GjGhq:M4CBQqAQzWhrwq

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
5a1c1ea4c2b17442c5d68fc3f52c18b4fd2e95b8084b2f71e7e84520882a4b8a
unpack001/out.upx

Files

5a1c1ea4c2b17442c5d68fc3f52c18b4fd2e95b8084b2f71e7e84520882a4b8a
.exe windows x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 6.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

_ZN7itas10911CSerialPort10clearErrorEv
_ZN7itas10911CSerialPort10getVersionB5cxx11Ev
_ZN7itas10911CSerialPort11onReadReadyEv
_ZN7itas10911CSerialPort11readAllDataEPc
_ZN7itas10911CSerialPort11setBaudRateEi
_ZN7itas10911CSerialPort11setDataBitsENS_8DataBitsE
_ZN7itas10911CSerialPort11setPortNameENSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN7itas10911CSerialPort11setStopBitsENS_8StopBitsE
_ZN7itas10911CSerialPort12readLineDataEPci
_ZN7itas10911CSerialPort13setDebugModelEb
_ZN7itas10911CSerialPort14setFlowControlENS_11FlowControlE
_ZN7itas10911CSerialPort14setOperateModeENS_11OperateModeE
_ZN7itas10911CSerialPort17setReadBufferSizeEj
_ZN7itas10911CSerialPort19setReadTimeIntervalEi
_ZN7itas10911CSerialPort20setMinByteReadNotifyEj
_ZN7itas10911CSerialPort4initENSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEiNS_6ParityENS_8DataBitsENS_8StopBitsENS_11FlowControlEj
_ZN7itas10911CSerialPort4openEv
_ZN7itas10911CSerialPort5closeEv
_ZN7itas10911CSerialPort6setDtrEb
_ZN7itas10911CSerialPort6setRtsEb
_ZN7itas10911CSerialPort8isOpenedEv
_ZN7itas10911CSerialPort8readDataEPci
_ZN7itas10911CSerialPort9setParityENS_6ParityE
_ZN7itas10911CSerialPort9writeDataEPKci
_ZN7itas10911CSerialPortC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN7itas10911CSerialPortC1Ev
_ZN7itas10911CSerialPortC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN7itas10911CSerialPortC2Ev
_ZN7itas10911CSerialPortD0Ev
_ZN7itas10911CSerialPortD1Ev
_ZN7itas10911CSerialPortD2Ev
_ZN7itas10915CSerialPortInfo18availablePortInfosEv
_ZN7itas10915CSerialPortInfoC1Ev
_ZN7itas10915CSerialPortInfoC2Ev
_ZN7itas10915CSerialPortInfoD1Ev
_ZN7itas10915CSerialPortInfoD2Ev
_ZNK7itas10911CSerialPort11getBaudRateEv
_ZNK7itas10911CSerialPort11getDataBitsEv
_ZNK7itas10911CSerialPort11getPortNameB5cxx11Ev
_ZNK7itas10911CSerialPort11getStopBitsEv
_ZNK7itas10911CSerialPort12getLastErrorEv
_ZNK7itas10911CSerialPort14getFlowControlEv
_ZNK7itas10911CSerialPort17getReadBufferSizeEv
_ZNK7itas10911CSerialPort9getParityEv
_ZTIN7itas10911CSerialPortE
_ZTVN7itas10911CSerialPortE

Sections

.text
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 639KB - Virtual size: 639KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 572KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 6.7MB

UPX1 Size: 3.5MB - Virtual size: 3.5MB

.rsrc Size: 40KB - Virtual size: 40KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 6.7MB - Virtual size: 6.7MB

.data Size: 58KB - Virtual size: 58KB

.rdata Size: 1.9MB - Virtual size: 1.9MB

.pdata Size: 129KB - Virtual size: 128KB

.xdata Size: 639KB - Virtual size: 639KB

.bss Size: - Virtual size: 572KB

.edata Size: 3KB - Virtual size: 2KB

.idata Size: 98KB - Virtual size: 97KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 38KB - Virtual size: 38KB

.reloc Size: 28KB - Virtual size: 28KB

UPX0
Size: - Virtual size: 6.7MB

UPX1
Size: 3.5MB - Virtual size: 3.5MB

.rsrc
Size: 40KB - Virtual size: 40KB

.text
Size: 6.7MB - Virtual size: 6.7MB

.data
Size: 58KB - Virtual size: 58KB

.rdata
Size: 1.9MB - Virtual size: 1.9MB

.pdata
Size: 129KB - Virtual size: 128KB

.xdata
Size: 639KB - Virtual size: 639KB

.bss
Size: - Virtual size: 572KB

.edata
Size: 3KB - Virtual size: 2KB

.idata
Size: 98KB - Virtual size: 97KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 38KB - Virtual size: 38KB

.reloc
Size: 28KB - Virtual size: 28KB