97b9e5de110713738ba07e6f4a4fd22e

General

Target

97b9e5de110713738ba07e6f4a4fd22e
Size

1.2MB
MD5

97b9e5de110713738ba07e6f4a4fd22e
SHA1

0a10d21346898885b558daa0c361dd92d19e4c67
SHA256

622613cbffcff4cad19a65aab246285a8343b5491aa5eb338fc709c1a2dfc384
SHA512

c4c2f8ae5c4eb78adb3b62d1e5d553932f917ca5d01411bc7583fd0f4661ff4873640a1b03cde3df5b3a0888f772d31e9991dc8349ab592b1a0653baff1df2cb
SSDEEP

24576:B0A7DbkO5+nXEDy1yzvF3PBiklrPGtJ70jMzGkyRtG4QvP90owty2PY+3lDMYyTn:BVkO5QqJTBetSpQn9SAn+3lDMvF7

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
97b9e5de110713738ba07e6f4a4fd22e
unpack001/out.upx

Files

97b9e5de110713738ba07e6f4a4fd22e
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

??0CTPImage@@QAE@ABV0@@Z
??0CTPImage@@QAE@XZ
??1CTPImage@@UAE@XZ
??4CPixel@@QAEAAU0@ABU0@@Z
??4CTPImage@@QAEAAV0@ABV0@@Z
??8CPixel@@QAEHU0@@Z
??9CPixel@@QAEHU0@@Z
??GCPixel@@QAEHU0@@Z
??YCPixel@@QAEXH@Z
??ZCPixel@@QAEXH@Z
??_7CTPImage@@6B@
?BuildGrayChannel@CTPImage@@QAEKXZ
?ChannelFrom@CTPImage@@QAEHPAVCTPChannel@@H@Z
?ComputeLaplasToAlpha@CTPImage@@QAEXXZ
?Create@CTPImage@@QAEJII@Z
?CreateNewInstance@CTPImage@@SAPAV1@XZ
?DuplicateFrom@CTPImage@@QAEHPAV1@@Z
?Free@CTPImage@@QAEXXZ
?GetAreaByteSize@CTPImage@@QAEIXZ
?GetAveragePixel@CTPImage@@QAE?AUCPixel@@XZ
?GetBuffer@CTPImage@@QAEPAUCPixel@@HH@Z
?GetGray2@CPixel@@QAEEXZ
?GetGray@CPixel@@QAEEXZ
?GetPixel2@CTPImage@@QAE?AUCPixel@@HH@Z
?GetPixel@CTPImage@@QAEKHH@Z
?GetSafePixel@CTPImage@@QAE?AUCPixel@@HH@Z
?GetSize@CTPImage@@QAEXAAI0@Z
?LoadFromFile@CTPImage@@QAEJPAD@Z
?PutPixel@CTPImage@@QAEXHHUCPixel@@@Z
?SaveToFile@CTPImage@@QAEJPAD@Z

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 84KB

UPX1 Size: 86KB - Virtual size: 88KB

.rsrc Size: 6KB - Virtual size: 8KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 40KB - Virtual size: 42KB

.rsrc Size: 24KB - Virtual size: 21KB

UPX0
Size: - Virtual size: 84KB

UPX1
Size: 86KB - Virtual size: 88KB

.rsrc
Size: 6KB - Virtual size: 8KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 40KB - Virtual size: 42KB

.rsrc
Size: 24KB - Virtual size: 21KB