70a4bf45e3cad2206aaa64472c771bdd

General

Target

70a4bf45e3cad2206aaa64472c771bdd
Size

2.8MB
MD5

70a4bf45e3cad2206aaa64472c771bdd
SHA1

536a3e353885d59e201b71fd7732f2d3736e5d82
SHA256

61b4e083d289bfd5e1dbdee7a9c4cc8a7a4ec42d0b26c1599f212295f1061dd4
SHA512

fd7fa8329af17e21710b609ab31483e1847b6293bc31a79c6c953a0ef1246ab7ac520fa14263e5a44db578a06c6c4d34e4c0206c2f8672d30880cdda76f0aeca
SSDEEP

49152:Ry1d+8NUJsDq01V2s6tDsoBwG5xMRXBQpZ89oV6qv+UCg5D0P2wyn3ymvE7dQT8:RyNvDq01Qs69slSyfAZ89oPGUCgD0uw4

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
70a4bf45e3cad2206aaa64472c771bdd
unpack001/out.upx

Files

70a4bf45e3cad2206aaa64472c771bdd
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 30.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 832KB - Virtual size: 832KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32.5MB - Virtual size: 32.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 30.6MB

UPX1 Size: 2.8MB - Virtual size: 2.8MB

.rsrc Size: 6KB - Virtual size: 8KB

Headers

File Characteristics

Sections

CODE Size: 832KB - Virtual size: 832KB

DATA Size: 10KB - Virtual size: 10KB

BSS Size: - Virtual size: 4KB

.idata Size: 10KB - Virtual size: 10KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 58KB - Virtual size: 57KB

.rsrc Size: 32.5MB - Virtual size: 32.5MB

UPX0
Size: - Virtual size: 30.6MB

UPX1
Size: 2.8MB - Virtual size: 2.8MB

.rsrc
Size: 6KB - Virtual size: 8KB

CODE
Size: 832KB - Virtual size: 832KB

DATA
Size: 10KB - Virtual size: 10KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 10KB - Virtual size: 10KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 58KB - Virtual size: 57KB

.rsrc
Size: 32.5MB - Virtual size: 32.5MB