71e3c4a219892a30e191df7be0030bc8

General

Target

71e3c4a219892a30e191df7be0030bc8
Size

1.2MB
MD5

71e3c4a219892a30e191df7be0030bc8
SHA1

a9ae33e06da08577964136fca1ee2a5878e0a2cb
SHA256

a5404273a3412f16a78f66ea9561e1da468f41868d8127d22fb7022d81b77a44
SHA512

9db60888bfc8eb5814f738dde6d5cd697763b55696aa0da49143ed1026b03a2e9b4151b41958f355a119b38fc37d29ebe5c466c333b9b4b127be7fabf16fbc5a
SSDEEP

24576:ifc61f04uQ1TYSSdMog1hF9slTmCODertKOUEF3XHLTSbM1Nwii7FOVeLEEp:qcEf0tQMg/F90dRKOUEF3XvEWNG7AVe7

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
71e3c4a219892a30e191df7be0030bc8
unpack001/out.upx

Files

71e3c4a219892a30e191df7be0030bc8
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 1012KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 889KB - Virtual size: 888KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1012KB

UPX1 Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 33KB - Virtual size: 36KB

Headers

File Characteristics

Sections

CODE Size: 889KB - Virtual size: 888KB

DATA Size: 14KB - Virtual size: 14KB

BSS Size: - Virtual size: 5KB

.idata Size: 11KB - Virtual size: 10KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 67KB - Virtual size: 66KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

UPX0
Size: - Virtual size: 1012KB

UPX1
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 33KB - Virtual size: 36KB

CODE
Size: 889KB - Virtual size: 888KB

DATA
Size: 14KB - Virtual size: 14KB

BSS
Size: - Virtual size: 5KB

.idata
Size: 11KB - Virtual size: 10KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 67KB - Virtual size: 66KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB