ac8a6466a5b266002011f661f83c833f0cb3046cdd7cabd6b89df5e8b1b919f7

General

Target

ac8a6466a5b266002011f661f83c833f0cb3046cdd7cabd6b89df5e8b1b919f7
Size

4.8MB
MD5

2fd152bbdf7bced516a19d10c9303549
SHA1

9b66490c13d4cdf20fdba3a2e8416893a51dd069
SHA256

ac8a6466a5b266002011f661f83c833f0cb3046cdd7cabd6b89df5e8b1b919f7
SHA512

3aa14bb4e47734398622e6b2b9b24f6c4e2e8d802257e218b4ab6c4f840d9e4ce884ce48debbf1a0686c26d68821362d7899f134866120eb1890e4c14e4352db
SSDEEP

98304:j3r5malXMHbouuCygayqvEzHysIFZMfQpw3LyzdROt3fwmY6I4A4mP/wUS7JLv2B:j7Ao8czChayxGsn4pv/HwU4mP/jS9L

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ac8a6466a5b266002011f661f83c833f0cb3046cdd7cabd6b89df5e8b1b919f7
unpack001/out.upx

Files

ac8a6466a5b266002011f661f83c833f0cb3046cdd7cabd6b89df5e8b1b919f7
.exe windows:4 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 9.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 618KB - Virtual size: 618KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 390KB - Virtual size: 389KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 195KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 627KB - Virtual size: 627KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 9.6MB

UPX1 Size: 4.7MB - Virtual size: 4.7MB

.rsrc Size: 89KB - Virtual size: 92KB

Headers

File Characteristics

Sections

.text Size: 6.9MB - Virtual size: 6.9MB

.data Size: 618KB - Virtual size: 618KB

.rdata Size: 5.6MB - Virtual size: 5.6MB

.pdata Size: 390KB - Virtual size: 389KB

.bss Size: - Virtual size: 195KB

.CRT Size: 512B - Virtual size: 24B

.idata Size: 24KB - Virtual size: 24KB

.rsrc Size: 627KB - Virtual size: 627KB

UPX0
Size: - Virtual size: 9.6MB

UPX1
Size: 4.7MB - Virtual size: 4.7MB

.rsrc
Size: 89KB - Virtual size: 92KB

.text
Size: 6.9MB - Virtual size: 6.9MB

.data
Size: 618KB - Virtual size: 618KB

.rdata
Size: 5.6MB - Virtual size: 5.6MB

.pdata
Size: 390KB - Virtual size: 389KB

.bss
Size: - Virtual size: 195KB

.CRT
Size: 512B - Virtual size: 24B

.idata
Size: 24KB - Virtual size: 24KB

.rsrc
Size: 627KB - Virtual size: 627KB