5a497051c7c233ede3d9907b7bd91ccd

General

Target

5a497051c7c233ede3d9907b7bd91ccd
Size

512KB
MD5

5a497051c7c233ede3d9907b7bd91ccd
SHA1

7c38fd4168271f6e7038b00f761e8a81bf8e391d
SHA256

4459909f1d7f4ee34a817f0531ac7548faaa9d40bacd088be622a3059022dd58
SHA512

026598df6fb79b84795f9765124b6cc83b73d4151236695dc37bb8e2959e7c656cfbe9237dc02cd15c69ec23d68a2f7d8e33720b10819de75c2b3dce332adeed
SSDEEP

12288:16sVh6MWRZL7OHN/2I52KWsIxRrheXNdEqumj212f:ksVM3L7Wh249IxRS7Ba12f

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
5a497051c7c233ede3d9907b7bd91ccd
unpack001/out.upx

Files

5a497051c7c233ede3d9907b7bd91ccd
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 2.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 496KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 727KB - Virtual size: 726KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.2MB

UPX1 Size: 496KB - Virtual size: 496KB

.rsrc Size: 15KB - Virtual size: 16KB

Headers

File Characteristics

Sections

CODE Size: 727KB - Virtual size: 726KB

DATA Size: 12KB - Virtual size: 11KB

BSS Size: - Virtual size: 4KB

.idata Size: 11KB - Virtual size: 11KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 49KB - Virtual size: 49KB

.rsrc Size: 1.8MB - Virtual size: 1.8MB

UPX0
Size: - Virtual size: 2.2MB

UPX1
Size: 496KB - Virtual size: 496KB

.rsrc
Size: 15KB - Virtual size: 16KB

CODE
Size: 727KB - Virtual size: 726KB

DATA
Size: 12KB - Virtual size: 11KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 11KB - Virtual size: 11KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 49KB - Virtual size: 49KB

.rsrc
Size: 1.8MB - Virtual size: 1.8MB