2ba040de7f86e6dc536ece8ca3537784

General

Target

2ba040de7f86e6dc536ece8ca3537784
Size

95KB
MD5

2ba040de7f86e6dc536ece8ca3537784
SHA1

56911de3acefd5eb82567ba78d19e4f3370eefd0
SHA256

21a3b9cbbe9d302a53c78d10bf8784477f8cb8068c2518b5367f3e551a6cdad2
SHA512

61808a603c1658f4c544224fb786d0b7581bda0496528a220946b9c6767648e3c034f2c4158071d4953494e41a57157df7154b144621b2b8d16103d262369bfa
SSDEEP

1536:nIcNfJIz52Wc913ZKvJ6OCuG5iHKF2stiqzI2CqO+xFf0yVvfUU6ePx+C5CZSkgZ:nIQfJIn4ZKR6OfGAHe7iudClEiGMU6ZA

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/YOURCL~1.EXE	upx

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/21BOOT~1.EXE
unpack001/YOURCL~1.EXE
unpack002/out.upx

Files

2ba040de7f86e6dc536ece8ca3537784
.cab
21BOOT~1.EXE
.exe windows:4 windows x86 arch:x86

a64765d65aab2f0dd1ce6addbf816db0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord595
ord596
ord598
ord632
EVENT_SINK_AddRef
ord561
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord607
ord608
ord535
ord100
ord581

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
YOURCL~1.EXE
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a64765d65aab2f0dd1ce6addbf816db0

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 108KB - Virtual size: 107KB

.data Size: - Virtual size: 2KB

.rsrc Size: 76KB - Virtual size: 74KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 40KB

UPX1 Size: 12KB - Virtual size: 12KB

.rsrc Size: 3KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 36KB - Virtual size: 33KB

.data Size: - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 108KB - Virtual size: 107KB

.data
Size: - Virtual size: 2KB

.rsrc
Size: 76KB - Virtual size: 74KB

UPX0
Size: - Virtual size: 40KB

UPX1
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 3KB - Virtual size: 4KB

.text
Size: 36KB - Virtual size: 33KB

.data
Size: - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 2KB