aacb4d24ead051318ffb4b04e3025cbeae23b4aed4b67aea6daf0d0b8dc2c10e

General

Target

aacb4d24ead051318ffb4b04e3025cbeae23b4aed4b67aea6daf0d0b8dc2c10e
Size

1.1MB
MD5

01331e7ee42b3ba0c0f80862f85d6595
SHA1

5d42a2c79bc4d8fb5fb53929d25477d2b7af9ffa
SHA256

aacb4d24ead051318ffb4b04e3025cbeae23b4aed4b67aea6daf0d0b8dc2c10e
SHA512

b0d5c27fd6d67dc7bcece70d9b1a1fa04648c1e09f45eed3511b0c0fd0a64b7cd915caaf94f8afc89d6e083a0aeb3f135db25f202502ee52621e21dfb8ff9807
SSDEEP

24576:qOUG2XwjSUyCflc3l5/0CyYssu3gEXnC/lavWa7grcz:NUG2gjFK/0CyYssMgARzMr

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
aacb4d24ead051318ffb4b04e3025cbeae23b4aed4b67aea6daf0d0b8dc2c10e
unpack001/out.upx

Files

aacb4d24ead051318ffb4b04e3025cbeae23b4aed4b67aea6daf0d0b8dc2c10e
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 664KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 664KB

UPX1 Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 8KB - Virtual size: 12KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 512B - Virtual size: 576B

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 1024B - Virtual size: 948B

UPX0
Size: - Virtual size: 664KB

UPX1
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 8KB - Virtual size: 12KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 512B - Virtual size: 576B

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 1024B - Virtual size: 948B