0d08394849e81bb5c360d67593216ec1

General

Target

0d08394849e81bb5c360d67593216ec1
Size

71KB
MD5

0d08394849e81bb5c360d67593216ec1
SHA1

c7bc4585596c7b325ee35a3fe3a4a884bbb09e3d
SHA256

8b13318ab73eefa6af1bd2caac90e3bb9a1d97472f249eef9aac991bfc3ca8d2
SHA512

b29defd7530955d65b4e9c8514c1c4231dce7c494a9c20644afccc20d16a0d426827facf8e280e21ec782cdbf1160b7bd65a932d8aaebe26f3312c05413510ad
SSDEEP

768:EgJzhd3y7+9YJKAObeIyQ5r0PH8RaBI2Oot21DbRLi/0LzYzVE8mun07QmfK2lfz:ECZE+6abDr46n1BLi6ezn07frfsYn9R

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
0d08394849e81bb5c360d67593216ec1
unpack001/out.upx

Files

0d08394849e81bb5c360d67593216ec1
.dll windows:3 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DCCDGNBRFRQITJLIRQTF
DllCanUnloadNow
DllGetClassObject
QBYAXMXAEY
ieoziaeexpnudyewsyq
wmvoyiao

Sections

UPX0
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:3 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 417B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 96KB

UPX1 Size: 69KB - Virtual size: 72KB

UPX2 Size: 1024B - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 103KB - Virtual size: 103KB

.bss Size: - Virtual size: 417B

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 17KB - Virtual size: 17KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 6KB - Virtual size: 5KB

UPX0
Size: - Virtual size: 96KB

UPX1
Size: 69KB - Virtual size: 72KB

UPX2
Size: 1024B - Virtual size: 4KB

.text
Size: 103KB - Virtual size: 103KB

.bss
Size: - Virtual size: 417B

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 17KB - Virtual size: 17KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 6KB - Virtual size: 5KB