9b44e6fef8b0da416733bb75bb6fb6cf9c5b5e358924476658759b3a7f7dbac3

Sharing

Copy URL Twitter E-mail

General

Target

9b44e6fef8b0da416733bb75bb6fb6cf9c5b5e358924476658759b3a7f7dbac3
Size

3.3MB
MD5

00d6e40cff47450f444544da94e110a5
SHA1

c191ba885ee94c7b4057407da2cc7239fdce3bff
SHA256

9b44e6fef8b0da416733bb75bb6fb6cf9c5b5e358924476658759b3a7f7dbac3
SHA512

b8b5d5543d2b4b4701ba21d519989e0c4a45838471948377c97e99c8b906e7829bfe224e82b7889f06ae2bcb35cec5163d8ced79e944326679d9c2f9658e2363
SSDEEP

98304:mMYtValhRO6wXbsJ1PW6x0MB4vwewRPeDa8JjioPjTv/:GtVapO6w++6Khv2E7PjTX

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
9b44e6fef8b0da416733bb75bb6fb6cf9c5b5e358924476658759b3a7f7dbac3
unpack001/out.upx

Files

9b44e6fef8b0da416733bb75bb6fb6cf9c5b5e358924476658759b3a7f7dbac3
.exe windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 3.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 311KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 92B

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 68B

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 3.0MB

UPX1 Size: 3.3MB - Virtual size: 3.3MB

.rsrc Size: 33KB - Virtual size: 36KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 311KB - Virtual size: 310KB

.rdata Size: 87KB - Virtual size: 87KB

.data Size: 8KB - Virtual size: 18KB

.pdata Size: 14KB - Virtual size: 14KB

.00cfg Size: 512B - Virtual size: 40B

.gxfg Size: 9KB - Virtual size: 8KB

.retplne Size: 512B - Virtual size: 92B

.tls Size: 512B - Virtual size: 9B

.voltbl Size: 512B - Virtual size: 68B

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 5.8MB - Virtual size: 5.8MB

.reloc Size: 3KB - Virtual size: 3KB

UPX0
Size: - Virtual size: 3.0MB

UPX1
Size: 3.3MB - Virtual size: 3.3MB

.rsrc
Size: 33KB - Virtual size: 36KB

.text
Size: 311KB - Virtual size: 310KB

.rdata
Size: 87KB - Virtual size: 87KB

.data
Size: 8KB - Virtual size: 18KB

.pdata
Size: 14KB - Virtual size: 14KB

.00cfg
Size: 512B - Virtual size: 40B

.gxfg
Size: 9KB - Virtual size: 8KB

.retplne
Size: 512B - Virtual size: 92B

.tls
Size: 512B - Virtual size: 9B

.voltbl
Size: 512B - Virtual size: 68B

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 5.8MB - Virtual size: 5.8MB

.reloc
Size: 3KB - Virtual size: 3KB