8e65887fa17c8170f14bacf6f352e633

Sharing

Copy URL Twitter E-mail

General

Target

8e65887fa17c8170f14bacf6f352e633
Size

10.8MB
MD5

8e65887fa17c8170f14bacf6f352e633
SHA1

b163a1cc9dfe2990672c9c8b15d6681f0c908b00
SHA256

491b96c7c2661fb924df87dfe4b30399770672cf254072455b85de91b174a545
SHA512

ef278b404af5b4bbb2832b757420e65fd2eceda7c3a41078cae5f1aa0f159f4d2f3243c50e6f73e1683de32e8380e44e700a8d82e370d14ec7ece0981749fb4a
SSDEEP

196608:p7G4BFifYizLQ8uGdbwRLTvICzcHWrUDZNEY20EK5pNDOIXKtThkn4L4aGaMeBNt:047ccGbAhcSKUi0t44BN8eGel

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
8e65887fa17c8170f14bacf6f352e633
unpack001/out.upx

Files

8e65887fa17c8170f14bacf6f352e633
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 10.7MB - Virtual size: 10.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.textbss
Size: - Virtual size: 804KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 468KB - Virtual size: 468KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 1024B - Virtual size: 606B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 337B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 437B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11.1MB - Virtual size: 11.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 3.5MB

UPX1 Size: 10.7MB - Virtual size: 10.7MB

.rsrc Size: 109KB - Virtual size: 112KB

Headers

DLL Characteristics

File Characteristics

Sections

.textbss Size: - Virtual size: 804KB

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 468KB - Virtual size: 468KB

.data Size: 10KB - Virtual size: 21KB

.pdata Size: 87KB - Virtual size: 87KB

.idata Size: 6KB - Virtual size: 6KB

.msvcjmc Size: 1024B - Virtual size: 606B

.00cfg Size: 512B - Virtual size: 337B

_RDATA Size: 512B - Virtual size: 437B

.rsrc Size: 11.1MB - Virtual size: 11.1MB

.reloc Size: 39KB - Virtual size: 38KB

UPX0
Size: - Virtual size: 3.5MB

UPX1
Size: 10.7MB - Virtual size: 10.7MB

.rsrc
Size: 109KB - Virtual size: 112KB

.textbss
Size: - Virtual size: 804KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 468KB - Virtual size: 468KB

.data
Size: 10KB - Virtual size: 21KB

.pdata
Size: 87KB - Virtual size: 87KB

.idata
Size: 6KB - Virtual size: 6KB

.msvcjmc
Size: 1024B - Virtual size: 606B

.00cfg
Size: 512B - Virtual size: 337B

_RDATA
Size: 512B - Virtual size: 437B

.rsrc
Size: 11.1MB - Virtual size: 11.1MB

.reloc
Size: 39KB - Virtual size: 38KB