1bca7fa2cb997fefbdaf7245aa78e039

General

Target

1bca7fa2cb997fefbdaf7245aa78e039
Size

206KB
MD5

1bca7fa2cb997fefbdaf7245aa78e039
SHA1

f148d54dfebfcd2073750da0d65590abacd2b7ec
SHA256

ad25aee2ec0e371e291dfcf9e53b5d4dee44af5ec6b2a506d6067c1985f3458e
SHA512

af826b6dbf5db1fd7c8ef2a997b39c29950e6ed14c9bdb5dae844163513a90be4cf37e4955086a4f20e10bfb53542d10a53877544730e364f12a381819b2380e
SSDEEP

3072:sgd8Vkdpn6ySznrDWpyrCCzrhThkwOYUpWqX9ogCl+ZVij+an7OSS9iIsLc3:Bd8VmpGXDWOXVThkvY8NrCl+biC9iIs

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
1bca7fa2cb997fefbdaf7245aa78e039
unpack001/out.upx

Files

1bca7fa2cb997fefbdaf7245aa78e039
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 203KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_DLL
IMAGE_FILE_UP_SYSTEM_ONLY
IMAGE_FILE_BYTES_REVERSED_HI

Sections

��澲�:
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��n�P��
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��y��
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

&��p��
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

-P��+�N
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

�O��
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��|��u
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 72KB

UPX1 Size: 203KB - Virtual size: 204KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

���澲�: Size: 1024B - Virtual size: 2KB

��n�P��� Size: - Virtual size: 2KB

���y��� Size: 206KB - Virtual size: 205KB

&���p�� Size: 1024B - Virtual size: 1KB

-P��+�N Size: 6KB - Virtual size: 5KB

�O����� Size: 32KB - Virtual size: 32KB

���|���u Size: 1KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 72KB

UPX1
Size: 203KB - Virtual size: 204KB

.rsrc
Size: 2KB - Virtual size: 4KB

��澲�:
Size: 1024B - Virtual size: 2KB

��n�P��
Size: - Virtual size: 2KB

��y��
Size: 206KB - Virtual size: 205KB

&��p��
Size: 1024B - Virtual size: 1KB

-P��+�N
Size: 6KB - Virtual size: 5KB

�O��
Size: 32KB - Virtual size: 32KB

��|��u
Size: 1KB - Virtual size: 1KB