58df7ddad8f22ce8706c0b2722f5444f2bf857273de95c955fe929881d5b115a

General

Target

58df7ddad8f22ce8706c0b2722f5444f2bf857273de95c955fe929881d5b115a
Size

946KB
MD5

9a07b5b1445f831991743d27effb4ae1
SHA1

ce1cdc2ff3d9c4a007f12c200e6a788a530af77c
SHA256

58df7ddad8f22ce8706c0b2722f5444f2bf857273de95c955fe929881d5b115a
SHA512

a1b14d6102b4feb04d3d335c02f2f841cf24c5aa226d2924af9009fab192958b6b994643fe4c95e53a9619ea5be8912decaa5667d188c6ee44fbd4b7cc959ccd
SSDEEP

24576:v6gM3g4PaaQve0yNhwS/G/3Qw7jXOwl+H:i13gYAlIw7b

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58df7ddad8f22ce8706c0b2722f5444f2bf857273de95c955fe929881d5b115a

Files

58df7ddad8f22ce8706c0b2722f5444f2bf857273de95c955fe929881d5b115a
.exe windows:4 windows x86 arch:x86

a7333743ef063a68d1d860bbdf1c328e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
VirtualAlloc

Sections

.edata
Size: 374KB - Virtual size: 764KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 302KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX
Size: 238KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a7333743ef063a68d1d860bbdf1c328e

Headers

File Characteristics

Imports

kernel32

Sections

.edata Size: 374KB - Virtual size: 764KB

.edata Size: 3KB - Virtual size: 8KB

.edata Size: - Virtual size: 8KB

.edata Size: 4KB - Virtual size: 16KB

.edata Size: - Virtual size: 56KB

.rsrc Size: 302KB - Virtual size: 1.4MB

.edata Size: 23KB - Virtual size: 24KB

.UPX Size: 238KB - Virtual size: 240KB

.edata
Size: 374KB - Virtual size: 764KB

.edata
Size: 3KB - Virtual size: 8KB

.edata
Size: - Virtual size: 8KB

.edata
Size: 4KB - Virtual size: 16KB

.edata
Size: - Virtual size: 56KB

.rsrc
Size: 302KB - Virtual size: 1.4MB

.edata
Size: 23KB - Virtual size: 24KB

.UPX
Size: 238KB - Virtual size: 240KB