04ce6a94cb251a193d807316adfd26722db51c81bd65e2e88d0dd1eeb01a6234

General

Target

04ce6a94cb251a193d807316adfd26722db51c81bd65e2e88d0dd1eeb01a6234
Size

656KB
MD5

0ae8edf98dcfca4e57e4b4fb025dc079
SHA1

05e74dac7c4bc6d159f54f91b7f61dd9469b513c
SHA256

04ce6a94cb251a193d807316adfd26722db51c81bd65e2e88d0dd1eeb01a6234
SHA512

62ea54363e6a904eeacfc1751c5fcdf7d41e916f7e30e3a4a8c9d45f5afc0f195087aee3f7fbbba6a9a40a4e22e97c9e579048f8176620b2b8945851753bb286
SSDEEP

12288:Qau1FoETjmbPg8CYlNCpb5TY7Qz+XIai8UxnhxnNKrUxlnXkf+MJxMq4:O16JbPgbb5TY78N/rlNKrU76X54

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
04ce6a94cb251a193d807316adfd26722db51c81bd65e2e88d0dd1eeb01a6234
unpack001/out.upx

Files

04ce6a94cb251a193d807316adfd26722db51c81bd65e2e88d0dd1eeb01a6234
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 788KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 653KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 472KB - Virtual size: 471KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 470KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 788KB

UPX1 Size: 653KB - Virtual size: 656KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 472KB - Virtual size: 471KB

.rdata Size: 330KB - Virtual size: 329KB

.data Size: 512B - Virtual size: 470KB

.rsrc Size: 153KB - Virtual size: 152KB

.reloc Size: 1024B - Virtual size: 568B

UPX0
Size: - Virtual size: 788KB

UPX1
Size: 653KB - Virtual size: 656KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 472KB - Virtual size: 471KB

.rdata
Size: 330KB - Virtual size: 329KB

.data
Size: 512B - Virtual size: 470KB

.rsrc
Size: 153KB - Virtual size: 152KB

.reloc
Size: 1024B - Virtual size: 568B