b231579cc8cf49294811dc6c2b2ae85d6e771c1b7d9b31e398fec3703b00d7b1

General

Target

b231579cc8cf49294811dc6c2b2ae85d6e771c1b7d9b31e398fec3703b00d7b1
Size

952KB
MD5

c3ce5d5b7ece59c4ada94f43cee22f73
SHA1

a97dfa43b868c2046e371501d28c2899adef2df6
SHA256

b231579cc8cf49294811dc6c2b2ae85d6e771c1b7d9b31e398fec3703b00d7b1
SHA512

f77e1780356262bb4741426ff3294cbd33409204fc5c1e29b8f34ac38641b62b48e357d5ac5054998125d1fd004eec6355dc92bc46e954a6a53564cd6b5b4113
SSDEEP

24576:tsNajB0V48dDqxGBOtrIBmG4iyZyj0DyYqMdKWQ0IBo:+a0tdux+OtrIBmG9+yYqMdKWQVq

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b231579cc8cf49294811dc6c2b2ae85d6e771c1b7d9b31e398fec3703b00d7b1
unpack001/out.upx

Files

b231579cc8cf49294811dc6c2b2ae85d6e771c1b7d9b31e398fec3703b00d7b1
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

newstartW
startupW

Sections

UPX0
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 938KB - Virtual size: 940KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 446KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 1.4MB

UPX1 Size: 938KB - Virtual size: 940KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 446KB - Virtual size: 446KB

.data Size: 56KB - Virtual size: 76KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 106KB - Virtual size: 105KB

UPX0
Size: - Virtual size: 1.4MB

UPX1
Size: 938KB - Virtual size: 940KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 446KB - Virtual size: 446KB

.data
Size: 56KB - Virtual size: 76KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 106KB - Virtual size: 105KB