1b3ffd03a9eb80ed0c4b22a0788fa1d9

General

Target

1b3ffd03a9eb80ed0c4b22a0788fa1d9
Size

92KB
MD5

1b3ffd03a9eb80ed0c4b22a0788fa1d9
SHA1

01cac2bc8041b3b102c860f2ef9eec8451144202
SHA256

c91264a57ab869ff740c49580cd497f1fbc09c3edbb4067cdf93bb3916f9a46f
SHA512

c9511776c6f938f59ae8a99e85f23c47566548f076ca041fcb061a55d444b23bbc53bb810f2e044c576d2cc3d216064b1aff4a61dd654354ff4020a14e6b2c46
SSDEEP

1536:O+pahnyzIaDd+dwffZdGpu+dmltVc075knAC3817fFwHVlmT7RY3n+Sy9c:FpcgIaDkqfnKDdmzp75aAC3Y7fFwV0cd

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
1b3ffd03a9eb80ed0c4b22a0788fa1d9
unpack001/out.upx

Files

1b3ffd03a9eb80ed0c4b22a0788fa1d9
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

i

Sections

UPX0
Size: - Virtual size: 216KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 89KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Sections

.text
Size: 166KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 216KB

UPX1 Size: 89KB - Virtual size: 92KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 166KB - Virtual size: 168KB

.data Size: 73KB - Virtual size: 92KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 12KB - Virtual size: 12KB

UPX0
Size: - Virtual size: 216KB

UPX1
Size: 89KB - Virtual size: 92KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 166KB - Virtual size: 168KB

.data
Size: 73KB - Virtual size: 92KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 12KB - Virtual size: 12KB