49192bb69c183a34f964b5894d6a68cb

General

Target

49192bb69c183a34f964b5894d6a68cb
Size

280KB
MD5

49192bb69c183a34f964b5894d6a68cb
SHA1

97e9981c3819a76818f3d50ae02b6d02b2bdf109
SHA256

f4327fde570dfa5d9d409d76ae27e9b84bc76515280e635e5f808bd473c94117
SHA512

8702c240902528c1627b3f25dcab20aeac4f1b499eb3dee099a232115405a6509220434d552d33a02db9435f0b6a7af51778861114be4e22724ab2ede453e9f6
SSDEEP

6144:O8rKQ5ZUh39cJWCzz5nyZQIootrOCevvD/jhs9XvPu4:3WQzU05yZQI/eDjhsZv

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
49192bb69c183a34f964b5894d6a68cb
unpack001/out.upx

Files

49192bb69c183a34f964b5894d6a68cb
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 6.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 264KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 489KB - Virtual size: 489KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 6.2MB

UPX1 Size: 264KB - Virtual size: 268KB

.rsrc Size: 14KB - Virtual size: 16KB

Headers

File Characteristics

Sections

CODE Size: 489KB - Virtual size: 489KB

DATA Size: 8KB - Virtual size: 7KB

BSS Size: - Virtual size: 4KB

.idata Size: 9KB - Virtual size: 8KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 40KB - Virtual size: 40KB

.rsrc Size: 5.9MB - Virtual size: 5.9MB

UPX0
Size: - Virtual size: 6.2MB

UPX1
Size: 264KB - Virtual size: 268KB

.rsrc
Size: 14KB - Virtual size: 16KB

CODE
Size: 489KB - Virtual size: 489KB

DATA
Size: 8KB - Virtual size: 7KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 9KB - Virtual size: 8KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 5.9MB - Virtual size: 5.9MB