64e84ac6679fb6ef02d88a608e231d4d8a6ccbb0239d9a0971eb1fd7ac5063cb

General

Target

64e84ac6679fb6ef02d88a608e231d4d8a6ccbb0239d9a0971eb1fd7ac5063cb
Size

5.8MB
MD5

b2316195a13238cf2ccdc9a60eb0d327
SHA1

e30be6988f4d160f6db51c090391c8933a3c63ad
SHA256

64e84ac6679fb6ef02d88a608e231d4d8a6ccbb0239d9a0971eb1fd7ac5063cb
SHA512

dbcbf1d5d447367d5d1d108d5d19a2ed76e1c17e51900751a210271a1de76e1e4d01f39b6bbb4d033dc1e4ed9eff12c3d5916075b0d16cedf555a05106b46e15
SSDEEP

98304:1co+GVGsmfeLPt9OBqh3etaYoVFRZF91h/n0ZT9sWi1qkXIbMjnu6YC0PmVf2/Pc:a+VGsJt9bMaY8DHPET6/b4bM66YC0Pmf

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/CapOSv1.3.1_compress.exe	upx
static1/unpack001/CapOSv1.3.1_compressx86.exe	upx
static1/unpack001/CapOSv1.3.2_compressx86.exe	upx

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CapOSv1.3.1_compress.exe
unpack001/CapOSv1.3.1_compressx86.exe
unpack001/CapOSv1.3.2_compressx86.exe

Files

64e84ac6679fb6ef02d88a608e231d4d8a6ccbb0239d9a0971eb1fd7ac5063cb
.rar
CapOSv1.3.1_compress.exe
.exe windows:4 windows x64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 11.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CapOSv1.3.1_compressx86.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 10.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CapOSv1.3.2_compressx86.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 2.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 761KB - Virtual size: 764KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 11.3MB

UPX1 Size: 2.8MB - Virtual size: 2.8MB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 10.3MB

UPX1 Size: 2.2MB - Virtual size: 2.2MB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.2MB

UPX1 Size: 761KB - Virtual size: 764KB

UPX2 Size: 512B - Virtual size: 4KB

UPX0
Size: - Virtual size: 11.3MB

UPX1
Size: 2.8MB - Virtual size: 2.8MB

UPX2
Size: 512B - Virtual size: 4KB

UPX0
Size: - Virtual size: 10.3MB

UPX1
Size: 2.2MB - Virtual size: 2.2MB

UPX2
Size: 512B - Virtual size: 4KB

UPX0
Size: - Virtual size: 2.2MB

UPX1
Size: 761KB - Virtual size: 764KB

UPX2
Size: 512B - Virtual size: 4KB