2aed2a48aa2ea62457f1edf95bfef91b0d5f4434fe4e5e4ec0b0d71ab045f8ce

Sharing

Copy URL

Twitter E-mail

General

Target

2aed2a48aa2ea62457f1edf95bfef91b0d5f4434fe4e5e4ec0b0d71ab045f8ce
Size

1.1MB
MD5

ff4db044f235c09e5ce5d39a3f306817
SHA1

16e3eb3e6685541c93259d4f96ab53d0b830435a
SHA256

2aed2a48aa2ea62457f1edf95bfef91b0d5f4434fe4e5e4ec0b0d71ab045f8ce
SHA512

80159bf03af734b25bed89ed2fddc8dbe9b9e12149b29115b205bac6505ee8332bf6da2dffb47a711a14c853bcd87a1e221665bcb5c5ae57b3e39c93fc6b49e4
SSDEEP

24576:AOS+19BnG6KzXGqZ1Jd/jjGGRayHQkFqGdiMuWoCUob:AOSQ9BnG8kh/jiGRayweCMuWok

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2aed2a48aa2ea62457f1edf95bfef91b0d5f4434fe4e5e4ec0b0d71ab045f8ce
unpack001/out.upx

Files

2aed2a48aa2ea62457f1edf95bfef91b0d5f4434fe4e5e4ec0b0d71ab045f8ce
.exe windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 3.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.textbss
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 1024B - Virtual size: 553B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 1024B - Virtual size: 671B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 3.9MB

UPX1 Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 1024B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.textbss Size: - Virtual size: 1.5MB

.text Size: 3.1MB - Virtual size: 3.1MB

.rdata Size: 201KB - Virtual size: 200KB

.data Size: 5KB - Virtual size: 12KB

.pdata Size: 44KB - Virtual size: 43KB

.idata Size: 4KB - Virtual size: 4KB

.msvcjmc Size: 1024B - Virtual size: 553B

.00cfg Size: 512B - Virtual size: 373B

_RDATA Size: 1024B - Virtual size: 671B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 13KB - Virtual size: 13KB

UPX0
Size: - Virtual size: 3.9MB

UPX1
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 1024B - Virtual size: 4KB

.textbss
Size: - Virtual size: 1.5MB

.text
Size: 3.1MB - Virtual size: 3.1MB

.rdata
Size: 201KB - Virtual size: 200KB

.data
Size: 5KB - Virtual size: 12KB

.pdata
Size: 44KB - Virtual size: 43KB

.idata
Size: 4KB - Virtual size: 4KB

.msvcjmc
Size: 1024B - Virtual size: 553B

.00cfg
Size: 512B - Virtual size: 373B

_RDATA
Size: 1024B - Virtual size: 671B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 13KB - Virtual size: 13KB