17cebfc5b85e63e61a53424f60a65ff0a87c3e63b7f030c8def97f8d45ef0738

Sharing

Copy URL Twitter E-mail

General

Target

17cebfc5b85e63e61a53424f60a65ff0a87c3e63b7f030c8def97f8d45ef0738
Size

1.1MB
MD5

e607f7943ffc743628a7988f04fc450d
SHA1

f72b77b4ff3fba981c3076e84798a5b455bc57ba
SHA256

17cebfc5b85e63e61a53424f60a65ff0a87c3e63b7f030c8def97f8d45ef0738
SHA512

ba415db2bbbe2c304ccd1b1984325252cc76c93892778cc15c57bd24e044b137294a15832daba77907c521cae5e39c548bd7d6cb38c13a48bd81a3d9942106cf
SSDEEP

24576:mxJkMOGROupVWrTzIqdY1gw5lUCXXSNmVD6a6XPg7JnYrUAROKNLG:qJY0Qc1XUCXiIVD6aso7JYrUfKNLG

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
17cebfc5b85e63e61a53424f60a65ff0a87c3e63b7f030c8def97f8d45ef0738
unpack001/out.upx

Files

17cebfc5b85e63e61a53424f60a65ff0a87c3e63b7f030c8def97f8d45ef0738
.exe windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 519KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 632KB - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 297B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/32
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/46
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/65
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/78
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/90
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.1MB

UPX1 Size: 1.1MB - Virtual size: 1.1MB

UPX2 Size: 512B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 519KB - Virtual size: 519KB

.rdata Size: 632KB - Virtual size: 632KB

.data Size: 48KB - Virtual size: 396KB

.pdata Size: 15KB - Virtual size: 14KB

.xdata Size: 512B - Virtual size: 156B

/4 Size: 512B - Virtual size: 297B

/19 Size: 120KB - Virtual size: 119KB

/32 Size: 24KB - Virtual size: 23KB

/46 Size: 512B - Virtual size: 48B

/65 Size: 228KB - Virtual size: 228KB

/78 Size: 112KB - Virtual size: 111KB

/90 Size: 43KB - Virtual size: 42KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 10KB - Virtual size: 10KB

.symtab Size: 79KB - Virtual size: 78KB

UPX0
Size: - Virtual size: 1.1MB

UPX1
Size: 1.1MB - Virtual size: 1.1MB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 519KB - Virtual size: 519KB

.rdata
Size: 632KB - Virtual size: 632KB

.data
Size: 48KB - Virtual size: 396KB

.pdata
Size: 15KB - Virtual size: 14KB

.xdata
Size: 512B - Virtual size: 156B

/4
Size: 512B - Virtual size: 297B

/19
Size: 120KB - Virtual size: 119KB

/32
Size: 24KB - Virtual size: 23KB

/46
Size: 512B - Virtual size: 48B

/65
Size: 228KB - Virtual size: 228KB

/78
Size: 112KB - Virtual size: 111KB

/90
Size: 43KB - Virtual size: 42KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 10KB

.symtab
Size: 79KB - Virtual size: 78KB