d67191b816c87374b3a4206a74bb0e044e93a45a3214b1f9a2a8e288e5d673e4

General

Target

d67191b816c87374b3a4206a74bb0e044e93a45a3214b1f9a2a8e288e5d673e4
Size

620KB
MD5

30c874212c9492722c547960cb8679c5
SHA1

ee7688aa4db3d8055d28139d47e01696c360eabd
SHA256

d67191b816c87374b3a4206a74bb0e044e93a45a3214b1f9a2a8e288e5d673e4
SHA512

0767cf514dd4bf34cb2fe9c3354b21955ea8f99f80e8e85721657edd0c0540cd34b0335e7424f3597e534daf01384697b45814c37ef5f71426dea272931905a6
SSDEEP

12288:XZv1phBwLuZy4r3w11pwUXf32lxq7qzhN9uKFO9HFg+6/28LDjU:XZ9phQ4r3AwUtqz/7FOLy/r

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
d67191b816c87374b3a4206a74bb0e044e93a45a3214b1f9a2a8e288e5d673e4
unpack001/out.upx

Files

d67191b816c87374b3a4206a74bb0e044e93a45a3214b1f9a2a8e288e5d673e4
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 613KB - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 274KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.1MB

UPX1 Size: 613KB - Virtual size: 616KB

.rsrc Size: 6KB - Virtual size: 8KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 274KB - Virtual size: 273KB

.data Size: 25KB - Virtual size: 55KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 165KB - Virtual size: 165KB

UPX0
Size: - Virtual size: 1.1MB

UPX1
Size: 613KB - Virtual size: 616KB

.rsrc
Size: 6KB - Virtual size: 8KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 274KB - Virtual size: 273KB

.data
Size: 25KB - Virtual size: 55KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 165KB - Virtual size: 165KB