e6551c9c79b76f228e40b7396bbc0a433576e9d94f8e04dbb62718846235a515

General

Target

e6551c9c79b76f228e40b7396bbc0a433576e9d94f8e04dbb62718846235a515
Size

3.8MB
MD5

91074854495098dc2e19fd1dd9fe09ba
SHA1

fc155a94509d037ae8b40093c95cddedd1e172ff
SHA256

e6551c9c79b76f228e40b7396bbc0a433576e9d94f8e04dbb62718846235a515
SHA512

06ba0e12f915367bc877414edea862cd5fe9dbaa6220b651e61b63c04ded9fed080df7405e10905091ea9ab8c682489f171c07de36f80798de54e8325e786983
SSDEEP

98304:Chd4OU1Yn+eFb9uVh6thn0+mgZ+1oq87pK8Ejj8JWnbM4XOstVLV:ChdWYIs7mf1RAK4EpXOstr

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
e6551c9c79b76f228e40b7396bbc0a433576e9d94f8e04dbb62718846235a515
unpack001/out.upx

Files

e6551c9c79b76f228e40b7396bbc0a433576e9d94f8e04dbb62718846235a515
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

UPX0
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 224KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 92KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 3.4MB

UPX1 Size: 2.5MB - Virtual size: 2.5MB

.rsrc Size: 75KB - Virtual size: 76KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 224KB - Virtual size: 221KB

.data Size: 92KB - Virtual size: 1.2MB

.rsrc Size: 88KB - Virtual size: 85KB

.reloc Size: 2.9MB - Virtual size: 2.9MB

UPX0
Size: - Virtual size: 3.4MB

UPX1
Size: 2.5MB - Virtual size: 2.5MB

.rsrc
Size: 75KB - Virtual size: 76KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 224KB - Virtual size: 221KB

.data
Size: 92KB - Virtual size: 1.2MB

.rsrc
Size: 88KB - Virtual size: 85KB

.reloc
Size: 2.9MB - Virtual size: 2.9MB