442ca888a956098037b698a57ae7fc5d04ea1e18f6df511b968f9be41ee6444d

General

Target

442ca888a956098037b698a57ae7fc5d04ea1e18f6df511b968f9be41ee6444d
Size

1.9MB
MD5

42b9934cd64b18105591a64f2ef7c90c
SHA1

d64ba7a8e1491ec23fd0c309921cc1be89eae830
SHA256

442ca888a956098037b698a57ae7fc5d04ea1e18f6df511b968f9be41ee6444d
SHA512

7ab57e58610942240f444e1677aced1d52d190d326d8ce8ca1243da572c60ac79cdfaeee5d75a242945b0c49ff076ff7d1e49c84f5c4f6fd49b981e7425905af
SSDEEP

24576:VSFtyG+qygvXgvGbP9Gl++JaPghrXSwrak1VpsT6Qctnc2J4wvX5E7fJ:styG+qbFrYAoaPWnrak1VpK6/Tf5qf

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
442ca888a956098037b698a57ae7fc5d04ea1e18f6df511b968f9be41ee6444d
unpack001/out.upx

Files

442ca888a956098037b698a57ae7fc5d04ea1e18f6df511b968f9be41ee6444d
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 10.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 963KB - Virtual size: 963KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 7.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 10.7MB

UPX1 Size: 1.9MB - Virtual size: 1.9MB

.rsrc Size: 21KB - Virtual size: 24KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 4.3MB - Virtual size: 4.3MB

.rdata Size: 963KB - Virtual size: 963KB

.data Size: 317KB - Virtual size: 7.0MB

_RDATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 213KB - Virtual size: 212KB

UPX0
Size: - Virtual size: 10.7MB

UPX1
Size: 1.9MB - Virtual size: 1.9MB

.rsrc
Size: 21KB - Virtual size: 24KB

.text
Size: 4.3MB - Virtual size: 4.3MB

.rdata
Size: 963KB - Virtual size: 963KB

.data
Size: 317KB - Virtual size: 7.0MB

_RDATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 213KB - Virtual size: 212KB