cc97bd26f5cef0e2963864a36f2ecd3bcff7fb7613201f112fd853d7c83944e1

General

Target

cc97bd26f5cef0e2963864a36f2ecd3bcff7fb7613201f112fd853d7c83944e1
Size

12.0MB
MD5

cf4f66c58e63c820374dee9eec648bca
SHA1

a024c757820708d969f1f2652b36096d0025d52f
SHA256

cc97bd26f5cef0e2963864a36f2ecd3bcff7fb7613201f112fd853d7c83944e1
SHA512

d64d0ec8bdf4412aac9f424c1a5c2bffd005c2d182df607491d2598d36aa82d71262faa2a2d3e7a57e4269626c83218a5bde2b91c6c0c0d59f0d04c03cc03d9b
SSDEEP

196608:r49B8dojx/+hdVoQgf31bqbO1SUpuMvUpnOZtllfVAPADBnB9ByCmcrt9JkwVtRh:Mf8ujxWh/o1f3p1ddvWnIllfaPeBzwK/

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
cc97bd26f5cef0e2963864a36f2ecd3bcff7fb7613201f112fd853d7c83944e1
unpack001/out.upx

Files

cc97bd26f5cef0e2963864a36f2ecd3bcff7fb7613201f112fd853d7c83944e1
.exe windows:4 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 10.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 11.9MB - Virtual size: 11.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.code
Size: 420KB - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 680KB - Virtual size: 680KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21.0MB - Virtual size: 21.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.modplug
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 10.9MB

UPX1 Size: 11.9MB - Virtual size: 11.9MB

.rsrc Size: 84KB - Virtual size: 88KB

Headers

File Characteristics

Sections

.code Size: 420KB - Virtual size: 420KB

.text Size: 680KB - Virtual size: 680KB

.rdata Size: 169KB - Virtual size: 169KB

.pdata Size: 26KB - Virtual size: 26KB

.data Size: 21.0MB - Virtual size: 21.4MB

.rsrc Size: 83KB - Virtual size: 83KB

.modplug Size: - Virtual size: 20KB

UPX0
Size: - Virtual size: 10.9MB

UPX1
Size: 11.9MB - Virtual size: 11.9MB

.rsrc
Size: 84KB - Virtual size: 88KB

.code
Size: 420KB - Virtual size: 420KB

.text
Size: 680KB - Virtual size: 680KB

.rdata
Size: 169KB - Virtual size: 169KB

.pdata
Size: 26KB - Virtual size: 26KB

.data
Size: 21.0MB - Virtual size: 21.4MB

.rsrc
Size: 83KB - Virtual size: 83KB

.modplug
Size: - Virtual size: 20KB