4c4953e4816c8a18a29f1d6161ea149bf511dd443678c4503d835bafdbe1db71

Sharing

Copy URL Twitter E-mail

General

Target

4c4953e4816c8a18a29f1d6161ea149bf511dd443678c4503d835bafdbe1db71
Size

3.1MB
MD5

5e3bd6c8da03f7cfdd7c19a83a75be90
SHA1

b85a33025487e182ad54be4e022b4031f085d94e
SHA256

4c4953e4816c8a18a29f1d6161ea149bf511dd443678c4503d835bafdbe1db71
SHA512

a0520d75b5c61677a8d8e762bfdab20ffaad095faa10a0f5b277e1351dba712d0364513b97e8ea33bddaac424dac50f2a936f5f6b807551aafa3ed8ec9a791ef
SSDEEP

98304:v2lxBZK49nccyXakKaZksBjMtfmmQEFL:v0ZncXXayZkajuQi

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
4c4953e4816c8a18a29f1d6161ea149bf511dd443678c4503d835bafdbe1db71
unpack001/out.upx

Files

4c4953e4816c8a18a29f1d6161ea149bf511dd443678c4503d835bafdbe1db71
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 5.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 973KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 278B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/18
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/30
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/43
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/59
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/75
Size: 512B - Virtual size: 32B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/90
Size: 512B - Virtual size: 34B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/109
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 882B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.symtab
Size: 643KB - Virtual size: 642KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 5.1MB

UPX1 Size: 3.1MB - Virtual size: 3.1MB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 4.4MB - Virtual size: 4.4MB

.data Size: 973KB - Virtual size: 1.0MB

/4 Size: 512B - Virtual size: 278B

/18 Size: 258KB - Virtual size: 257KB

/30 Size: 273KB - Virtual size: 272KB

/43 Size: 107KB - Virtual size: 107KB

/59 Size: 169KB - Virtual size: 169KB

/75 Size: 512B - Virtual size: 32B

/90 Size: 512B - Virtual size: 34B

/109 Size: 1.3MB - Virtual size: 1.3MB

.idata Size: 1024B - Virtual size: 882B

.symtab Size: 643KB - Virtual size: 642KB

.rsrc Size: 2KB - Virtual size: 2KB

UPX0
Size: - Virtual size: 5.1MB

UPX1
Size: 3.1MB - Virtual size: 3.1MB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 4.4MB - Virtual size: 4.4MB

.data
Size: 973KB - Virtual size: 1.0MB

/4
Size: 512B - Virtual size: 278B

/18
Size: 258KB - Virtual size: 257KB

/30
Size: 273KB - Virtual size: 272KB

/43
Size: 107KB - Virtual size: 107KB

/59
Size: 169KB - Virtual size: 169KB

/75
Size: 512B - Virtual size: 32B

/90
Size: 512B - Virtual size: 34B

/109
Size: 1.3MB - Virtual size: 1.3MB

.idata
Size: 1024B - Virtual size: 882B

.symtab
Size: 643KB - Virtual size: 642KB

.rsrc
Size: 2KB - Virtual size: 2KB