bf5f6d2fa5b6f8e937e12b7a74959edf

General

Target

bf5f6d2fa5b6f8e937e12b7a74959edf
Size

179KB
MD5

bf5f6d2fa5b6f8e937e12b7a74959edf
SHA1

a0170d523d6ede7eff4b4c85e923e1ba8c23f389
SHA256

9a1bb7fb58507f330f4880cbc79f0dedeefa20dc23030b487ff4892e04e132b6
SHA512

115083571747c6a7f9b6e482b910df0011b9d4ba689a7bdb50e5568aca2c3f33a387db439671f147934559b255b02309bf36c32b8cb0b7688626a8625df3e4f1
SSDEEP

3072:er9WTeOqEM37O7/Hqmn457l25rSlmanam84kxd4K3bf5x/XqmZDM:erXov/Hb4tl2Ufnb80cbrXqmZDM

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
bf5f6d2fa5b6f8e937e12b7a74959edf
unpack001/out.upx

Files

bf5f6d2fa5b6f8e937e12b7a74959edf
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 136KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 157KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 219KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 136KB

UPX1 Size: 157KB - Virtual size: 160KB

.rsrc Size: 20KB - Virtual size: 20KB

Headers

File Characteristics

Sections

.text Size: 219KB - Virtual size: 219KB

.itext Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 3KB

.bss Size: - Virtual size: 18KB

.idata Size: 2KB - Virtual size: 2KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 4KB - Virtual size: 4KB

.rsrc Size: 19KB - Virtual size: 19KB

UPX0
Size: - Virtual size: 136KB

UPX1
Size: 157KB - Virtual size: 160KB

.rsrc
Size: 20KB - Virtual size: 20KB

.text
Size: 219KB - Virtual size: 219KB

.itext
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 18KB

.idata
Size: 2KB - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 19KB - Virtual size: 19KB