8c2b87d55112bc5890d04b9c7532199ea2f4c0c0db1db8629233c88d6b59cc74

General

Target

8c2b87d55112bc5890d04b9c7532199ea2f4c0c0db1db8629233c88d6b59cc74
Size

2.5MB
MD5

4a54f281c962717f0c751c2d67ea7970
SHA1

d249016f0b1bd7e1877183ff965c476a8e2a2906
SHA256

8c2b87d55112bc5890d04b9c7532199ea2f4c0c0db1db8629233c88d6b59cc74
SHA512

ac188a0694a640aa6737088ecb1e76b0160df2e4db3b975f115df249c4968326decefb7db4a70013804d6b360e84cd4a229c88448fbb7064af345b4323bdb4a4
SSDEEP

49152:jHwrVQOGlink0rpd5EW3Or/Hv2/TGxegxtOZdq7iWO+m9PqXkCPWcS6gbVZQZUp:yVWn0rpTV3yv2Sxtx8Y2ysPZ+Z

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
8c2b87d55112bc5890d04b9c7532199ea2f4c0c0db1db8629233c88d6b59cc74
unpack001/out.upx

Files

8c2b87d55112bc5890d04b9c7532199ea2f4c0c0db1db8629233c88d6b59cc74
.exe windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 4.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 358KB - Virtual size: 751KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 4.5MB

UPX1 Size: 2.5MB - Virtual size: 2.5MB

UPX2 Size: 512B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 3.0MB - Virtual size: 3.0MB

.rdata Size: 3.1MB - Virtual size: 3.1MB

.data Size: 358KB - Virtual size: 751KB

.pdata Size: 70KB - Virtual size: 70KB

.xdata Size: 512B - Virtual size: 168B

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 57KB - Virtual size: 57KB

.symtab Size: 512B - Virtual size: 4B

UPX0
Size: - Virtual size: 4.5MB

UPX1
Size: 2.5MB - Virtual size: 2.5MB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 3.0MB - Virtual size: 3.0MB

.rdata
Size: 3.1MB - Virtual size: 3.1MB

.data
Size: 358KB - Virtual size: 751KB

.pdata
Size: 70KB - Virtual size: 70KB

.xdata
Size: 512B - Virtual size: 168B

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 57KB - Virtual size: 57KB

.symtab
Size: 512B - Virtual size: 4B