d3b871536a321d17caa872da9fc766c6

General

Target

d3b871536a321d17caa872da9fc766c6
Size

1020KB
MD5

d3b871536a321d17caa872da9fc766c6
SHA1

2941ed6f9f1b228628eeea0dbbcb2b9e4693a2d7
SHA256

780ed5df63447087b85e6a17bf3731567f0d9b384cf808f4642ac27b4ae396b0
SHA512

d2ba1672df62243e31d3517e64297e0c1ae5d655af5807e6603beeb7a731d0a1174b4c4141a5f1e8424c76ac952bcdce181c67b0f0d1db1c50966d70e762ba0d
SSDEEP

24576:NUEXKd26AOiuUHu5WuQQGTI65HR8uz/VlaF3i0K:W1aVEW7vTI65HR8u5laF3i0K

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
d3b871536a321d17caa872da9fc766c6
unpack001/out.upx

Files

d3b871536a321d17caa872da9fc766c6
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 4.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1010KB - Virtual size: 1012KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 4.9MB

UPX1 Size: 1010KB - Virtual size: 1012KB

.rsrc Size: 9KB - Virtual size: 12KB

Headers

File Characteristics

Sections

CODE Size: 1.1MB - Virtual size: 1.1MB

DATA Size: 13KB - Virtual size: 13KB

BSS Size: - Virtual size: 4KB

.idata Size: 12KB - Virtual size: 11KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 72KB - Virtual size: 71KB

.rsrc Size: 4.6MB - Virtual size: 4.6MB

UPX0
Size: - Virtual size: 4.9MB

UPX1
Size: 1010KB - Virtual size: 1012KB

.rsrc
Size: 9KB - Virtual size: 12KB

CODE
Size: 1.1MB - Virtual size: 1.1MB

DATA
Size: 13KB - Virtual size: 13KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 12KB - Virtual size: 11KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 72KB - Virtual size: 71KB

.rsrc
Size: 4.6MB - Virtual size: 4.6MB