7b59134771f352a176f5a3f75a483a8b

General

Target

7b59134771f352a176f5a3f75a483a8b
Size

2.5MB
MD5

7b59134771f352a176f5a3f75a483a8b
SHA1

e563e6c544635c1bcb897b41cb2194aab030b69a
SHA256

f06da8f6497123d9f6976fd354df52bbd91194b2a2d635e91edfacf0db72f758
SHA512

d6cbf9091b92e94c15d76a422b39876b0d226c05810855f6f672f301485e73f5416461bbf1be78737e652883772e39f044c5dc05e0348bbdbec459b94d9c7658
SSDEEP

49152:wquLWROCf5tAIFz8c761P7h0giCQqm/gxd1WY6g+09dxLzwvmOLNIdYPvLdgRQrK:P3ROCBWIFzVIPOfCDm4xd1WY6gz9DMvE

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
7b59134771f352a176f5a3f75a483a8b
unpack001/out.upx

Files

7b59134771f352a176f5a3f75a483a8b
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

??0CTPImage@@QAE@ABV0@@Z
??0CTPImage@@QAE@XZ
??1CTPImage@@UAE@XZ
??4CPixel@@QAEAAU0@ABU0@@Z
??4CTPImage@@QAEAAV0@ABV0@@Z
??8CPixel@@QAEHU0@@Z
??9CPixel@@QAEHU0@@Z
??GCPixel@@QAEHU0@@Z
??YCPixel@@QAEXH@Z
??ZCPixel@@QAEXH@Z
??_7CTPImage@@6B@
?BuildGrayChannel@CTPImage@@QAEKXZ
?ChannelFrom@CTPImage@@QAEHPAVCTPChannel@@H@Z
?ComputeLaplasToAlpha@CTPImage@@QAEXXZ
?Create@CTPImage@@QAEJII@Z
?CreateNewInstance@CTPImage@@SAPAV1@XZ
?DuplicateFrom@CTPImage@@QAEHPAV1@@Z
?Free@CTPImage@@QAEXXZ
?GetAreaByteSize@CTPImage@@QAEIXZ
?GetAveragePixel@CTPImage@@QAE?AUCPixel@@XZ
?GetBuffer@CTPImage@@QAEPAUCPixel@@HH@Z
?GetGray2@CPixel@@QAEEXZ
?GetGray@CPixel@@QAEEXZ
?GetPixel2@CTPImage@@QAE?AUCPixel@@HH@Z
?GetPixel@CTPImage@@QAEKHH@Z
?GetSafePixel@CTPImage@@QAE?AUCPixel@@HH@Z
?GetSize@CTPImage@@QAEXAAI0@Z
?LoadFromFile@CTPImage@@QAEJPAD@Z
?PutPixel@CTPImage@@QAEXHHUCPixel@@@Z
?SaveToFile@CTPImage@@QAEJPAD@Z

Sections

UPX0
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 84KB

UPX1 Size: 85KB - Virtual size: 88KB

.rsrc Size: 7KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 40KB - Virtual size: 42KB

.rsrc Size: 24KB - Virtual size: 21KB

UPX0
Size: - Virtual size: 84KB

UPX1
Size: 85KB - Virtual size: 88KB

.rsrc
Size: 7KB - Virtual size: 8KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 40KB - Virtual size: 42KB

.rsrc
Size: 24KB - Virtual size: 21KB