a8cedb457b92c1a6c23977b61bb19b22c69f377e7420c26edfbfb46cb419bcb6

General

Target

a8cedb457b92c1a6c23977b61bb19b22c69f377e7420c26edfbfb46cb419bcb6
Size

76KB
MD5

87f3d060acce2696c9f527b65fdacb34
SHA1

ee8b7da2e283d4823899528e1ad56e38cb697bb0
SHA256

a8cedb457b92c1a6c23977b61bb19b22c69f377e7420c26edfbfb46cb419bcb6
SHA512

834fec9b5fc3a967ab2181a5a957a5a42f79ec0385791617721881d8dfc6b45c717205f99ae57d88c921f525886b4074342612528cfb3f4f8e07c10d31906675
SSDEEP

1536:9uWZjePQQme6Bm4i5BJytmPiO6SQLMRAniuaitLunb7tY7RPtpCO877wOmV:9btQN64RytmPBAFax7tY7Z+Ouq

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
a8cedb457b92c1a6c23977b61bb19b22c69f377e7420c26edfbfb46cb419bcb6
unpack001/out.upx

Files

a8cedb457b92c1a6c23977b61bb19b22c69f377e7420c26edfbfb46cb419bcb6
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 264KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 713B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bT
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

D
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt0
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cji8
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 264KB

UPX1 Size: 72KB - Virtual size: 72KB

.rsrc Size: 3KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 104KB - Virtual size: 102KB

.rdata Size: 4KB - Virtual size: 713B

.bT Size: 20KB - Virtual size: 21KB

.idata Size: 8KB - Virtual size: 5KB

D Size: 76KB - Virtual size: 73KB

.crt0 Size: 52KB - Virtual size: 51KB

cji8 Size: 24KB - Virtual size: 23KB

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 8KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 264KB

UPX1
Size: 72KB - Virtual size: 72KB

.rsrc
Size: 3KB - Virtual size: 4KB

.text
Size: 104KB - Virtual size: 102KB

.rdata
Size: 4KB - Virtual size: 713B

.bT
Size: 20KB - Virtual size: 21KB

.idata
Size: 8KB - Virtual size: 5KB

D
Size: 76KB - Virtual size: 73KB

.crt0
Size: 52KB - Virtual size: 51KB

cji8
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 8KB - Virtual size: 4KB