95bd045d1a2262edf2b31fbbe4542ed4

General

Target

95bd045d1a2262edf2b31fbbe4542ed4
Size

60KB
MD5

95bd045d1a2262edf2b31fbbe4542ed4
SHA1

7be8d6c4b8aaa83c0646d61a7c96f87e96247770
SHA256

fc017e2251fe6f8317d4e3397b5298e0ac8b0169ace812e374929460ed3a375a
SHA512

c0f2dee3bf91b58a9e9a01d39998148e24203cdbe8a9fc922c7b6e5561cbbc38d4d5f89b6c47139cf66a5607e5e629ef018cf2701e8192b1723a4d77c37b87c7
SSDEEP

768:rhxl+jn9bv+NsK2Tpasw7v3KDtR6dXuGUNSOWBDlo/WiiFbIK85hNDzES90dh6St:dx8la1wGHRoOiiFbkhNzEM0rgv

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
95bd045d1a2262edf2b31fbbe4542ed4
unpack001/out.upx

Files

95bd045d1a2262edf2b31fbbe4542ed4
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetResults
GetStatus
StartScan
StopScan
Version

Sections

UPX0
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 151B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 92KB

UPX1 Size: 57KB - Virtual size: 60KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

CODE Size: 108KB - Virtual size: 107KB

DATA Size: 2KB - Virtual size: 1KB

BSS Size: - Virtual size: 3KB

.idata Size: 3KB - Virtual size: 3KB

.edata Size: 512B - Virtual size: 151B

.reloc Size: 8KB - Virtual size: 7KB

.rsrc Size: 6KB - Virtual size: 6KB

UPX0
Size: - Virtual size: 92KB

UPX1
Size: 57KB - Virtual size: 60KB

.rsrc
Size: 2KB - Virtual size: 4KB

CODE
Size: 108KB - Virtual size: 107KB

DATA
Size: 2KB - Virtual size: 1KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 3KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 151B

.reloc
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 6KB - Virtual size: 6KB