d27e4d86d2e3d205ef7cb5d285799b89825d68a5cd8a48ad86f260f02fa65c6e

General

Target

d27e4d86d2e3d205ef7cb5d285799b89825d68a5cd8a48ad86f260f02fa65c6e
Size

15.7MB
MD5

0ef7c7b643a5f6e3c668c2d675b66244
SHA1

4b24475ade5cea7359d394216872aeba814db9b2
SHA256

d27e4d86d2e3d205ef7cb5d285799b89825d68a5cd8a48ad86f260f02fa65c6e
SHA512

b84646d896e3c32dbfbf94beded02d55f56977fc898e3a1c425071295e5ae4c5d6788dbb1d1cc805c09e6bfa1fa823f1a5cfc865d13c1bf33dd82f7ecc569441
SSDEEP

393216:zerWpRJYU7SKlLCw4fNOHu/73eajQVIEYa:ae/OKld4V3TeajuIEf

Score

9^/10

upx oss_ak

Malware Config

Signatures

detect oss ak 1 IoCs

oss ak information detected.

oss_ak

resource	yara_rule
static1/unpack001/out.upx	detect_ak_stuff

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
d27e4d86d2e3d205ef7cb5d285799b89825d68a5cd8a48ad86f260f02fa65c6e
unpack001/out.upx

Files

d27e4d86d2e3d205ef7cb5d285799b89825d68a5cd8a48ad86f260f02fa65c6e
.exe windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 29.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 15.6MB - Virtual size: 15.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 22.6MB - Virtual size: 22.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8.3MB - Virtual size: 8.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.9MB - Virtual size: 11.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 813KB - Virtual size: 812KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 29.4MB

UPX1 Size: 15.6MB - Virtual size: 15.6MB

.rsrc Size: 98KB - Virtual size: 100KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 22.6MB - Virtual size: 22.6MB

.rdata Size: 8.3MB - Virtual size: 8.3MB

.data Size: 2.9MB - Virtual size: 11.6MB

.pdata Size: 813KB - Virtual size: 812KB

.rodata Size: 512B - Virtual size: 512B

.rdata Size: 512B - Virtual size: 512B

_RDATA Size: 1024B - Virtual size: 560B

.msvcjmc Size: 137KB - Virtual size: 137KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

UPX0
Size: - Virtual size: 29.4MB

UPX1
Size: 15.6MB - Virtual size: 15.6MB

.rsrc
Size: 98KB - Virtual size: 100KB

.text
Size: 22.6MB - Virtual size: 22.6MB

.rdata
Size: 8.3MB - Virtual size: 8.3MB

.data
Size: 2.9MB - Virtual size: 11.6MB

.pdata
Size: 813KB - Virtual size: 812KB

.rodata
Size: 512B - Virtual size: 512B

.rdata
Size: 512B - Virtual size: 512B

_RDATA
Size: 1024B - Virtual size: 560B

.msvcjmc
Size: 137KB - Virtual size: 137KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB