4f66cd755562bc7d218f9440db4dacb8

General

Target

4f66cd755562bc7d218f9440db4dacb8
Size

828KB
MD5

4f66cd755562bc7d218f9440db4dacb8
SHA1

c3f6c19953461b0e6ebb4c3e030ee26ea5ac7ebc
SHA256

bdbf2a9dbce08387c802e6e98cd5697a7ae6b9f8b5d260ed2c69068c8243e4d6
SHA512

b60c2ce1305e95e01881419bbb2f25bb1a72ee24c1b8208b531d7de2348e4158f0d44af9c3bac3aa6e0c12abbe7a429f53bd1c21fe8687cf6a2c63026a6f9eca
SSDEEP

24576:ylmETxl5zmkwdg0ibGrmAWD5KNp3i0ITkqz3Tzx:yll170DibuBi5KL3LHqz3Tz

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
4f66cd755562bc7d218f9440db4dacb8
unpack001/out.upx

Files

4f66cd755562bc7d218f9440db4dacb8
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 872KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 826KB - Virtual size: 828KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 540KB - Virtual size: 540KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 944KB - Virtual size: 943KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 872KB

UPX1 Size: 826KB - Virtual size: 828KB

.rsrc Size: 1024B - Virtual size: 4KB

Headers

File Characteristics

Sections

CODE Size: 540KB - Virtual size: 540KB

DATA Size: 944KB - Virtual size: 943KB

BSS Size: - Virtual size: 4KB

.idata Size: 7KB - Virtual size: 7KB

.reloc Size: 30KB - Virtual size: 29KB

.rsrc Size: 134KB - Virtual size: 133KB

UPX0
Size: - Virtual size: 872KB

UPX1
Size: 826KB - Virtual size: 828KB

.rsrc
Size: 1024B - Virtual size: 4KB

CODE
Size: 540KB - Virtual size: 540KB

DATA
Size: 944KB - Virtual size: 943KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 7KB - Virtual size: 7KB

.reloc
Size: 30KB - Virtual size: 29KB

.rsrc
Size: 134KB - Virtual size: 133KB