6b79a9b9d0e72c77d31a687f298ac140381688e7242dade760a7731b4d4e03ff

General

Target

6b79a9b9d0e72c77d31a687f298ac140381688e7242dade760a7731b4d4e03ff
Size

424KB
MD5

a98322c7d40a38a4e5a5f8824bf9e45d
SHA1

c1bbbad431d56e05f03297c65cf3b33b04df8316
SHA256

6b79a9b9d0e72c77d31a687f298ac140381688e7242dade760a7731b4d4e03ff
SHA512

89afcb067bd57cd8e37e55468c3d6deaceafb0a27cb419cf3fda73ca371cc5787bd7ea32db764730c70224d85b7b5257eaf0c94cdca84618b13e80d3fd8cb8b9
SSDEEP

12288:8GfhCs+Fq37Pyp5gyI1hXVkf9CEfZR3pj5p8:1JCrq77hXVkfAiZj5p

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
6b79a9b9d0e72c77d31a687f298ac140381688e7242dade760a7731b4d4e03ff
unpack001/out.upx

Files

6b79a9b9d0e72c77d31a687f298ac140381688e7242dade760a7731b4d4e03ff
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 632KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 397KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 733KB - Virtual size: 740KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 632KB

UPX1 Size: 397KB - Virtual size: 400KB

.rsrc Size: 26KB - Virtual size: 28KB

Headers

File Characteristics

Sections

.text Size: 240KB - Virtual size: 239KB

.data Size: 1024B - Virtual size: 608B

.rdata Size: 9KB - Virtual size: 9KB

.bss Size: - Virtual size: 18KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 733KB - Virtual size: 740KB

UPX0
Size: - Virtual size: 632KB

UPX1
Size: 397KB - Virtual size: 400KB

.rsrc
Size: 26KB - Virtual size: 28KB

.text
Size: 240KB - Virtual size: 239KB

.data
Size: 1024B - Virtual size: 608B

.rdata
Size: 9KB - Virtual size: 9KB

.bss
Size: - Virtual size: 18KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 733KB - Virtual size: 740KB