b81af8c956b21f8cf21ed4e92ff29f00871dab3461b747ff86d1b183b67ad03d

Sharing

Copy URL Twitter E-mail

General

Target

b81af8c956b21f8cf21ed4e92ff29f00871dab3461b747ff86d1b183b67ad03d
Size

207KB
MD5

910a23ab62a9c4217b7bac5e06af6660
SHA1

406f9134f66fd0aa409d214514217f2302e6cb40
SHA256

b81af8c956b21f8cf21ed4e92ff29f00871dab3461b747ff86d1b183b67ad03d
SHA512

6efb625351ed8070243936b2b7c4670b90b54c3acd4e7eb7fb0137dd2f5d66596b0f8a35f29c7b8f80e8ee9bf15c93442bde82b580240a976607b1676465ac4b
SSDEEP

3072:VLqtm9kZSyFK+4irzeSV9xjHv5QO1efA9Rg6h:9qtmytD4ixPzv504V

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b81af8c956b21f8cf21ed4e92ff29f00871dab3461b747ff86d1b183b67ad03d
unpack001/out.upx

Files

b81af8c956b21f8cf21ed4e92ff29f00871dab3461b747ff86d1b183b67ad03d
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

ve_setup_11_stereo
ve_setup_11_uncoupled
ve_setup_16_stereo
ve_setup_16_uncoupled
ve_setup_22_stereo
ve_setup_22_uncoupled
ve_setup_32_stereo
ve_setup_32_uncoupled
ve_setup_44_stereo
ve_setup_44_uncoupled
ve_setup_8_stereo
ve_setup_8_uncoupled
ve_setup_XX_stereo
ve_setup_XX_uncoupled
ve_setup_X_stereo
ve_setup_X_uncoupled
vorbis_encode_ctl
vorbis_encode_init
vorbis_encode_init_vbr
vorbis_encode_setup_init
vorbis_encode_setup_managed
vorbis_encode_setup_vbr

Sections

UPX0
Size: - Virtual size: 976KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 64KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 951KB - Virtual size: 950KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 128B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 32B

IMAGE_SCN_MEM_DISCARDABLE

/19
Size: 512B - Virtual size: 171B

IMAGE_SCN_MEM_DISCARDABLE

/35
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_MEM_DISCARDABLE

/47
Size: 1024B - Virtual size: 634B

IMAGE_SCN_MEM_DISCARDABLE

/61
Size: 512B - Virtual size: 428B

IMAGE_SCN_MEM_DISCARDABLE

/73
Size: 512B - Virtual size: 76B

IMAGE_SCN_MEM_DISCARDABLE

/86
Size: 512B - Virtual size: 335B

IMAGE_SCN_MEM_DISCARDABLE

/97
Size: 512B - Virtual size: 120B

IMAGE_SCN_MEM_DISCARDABLE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 976KB

UPX1 Size: 64KB - Virtual size: 68KB

UPX2 Size: 1024B - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 16KB - Virtual size: 15KB

.data Size: 951KB - Virtual size: 950KB

.rdata Size: 1024B - Virtual size: 756B

.bss Size: - Virtual size: 128B

.edata Size: 1024B - Virtual size: 740B

.idata Size: 1024B - Virtual size: 520B

.reloc Size: 9KB - Virtual size: 8KB

/4 Size: 512B - Virtual size: 32B

/19 Size: 512B - Virtual size: 171B

/35 Size: 3KB - Virtual size: 2KB

/47 Size: 1024B - Virtual size: 634B

/61 Size: 512B - Virtual size: 428B

/73 Size: 512B - Virtual size: 76B

/86 Size: 512B - Virtual size: 335B

/97 Size: 512B - Virtual size: 120B

UPX0
Size: - Virtual size: 976KB

UPX1
Size: 64KB - Virtual size: 68KB

UPX2
Size: 1024B - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 15KB

.data
Size: 951KB - Virtual size: 950KB

.rdata
Size: 1024B - Virtual size: 756B

.bss
Size: - Virtual size: 128B

.edata
Size: 1024B - Virtual size: 740B

.idata
Size: 1024B - Virtual size: 520B

.reloc
Size: 9KB - Virtual size: 8KB

/4
Size: 512B - Virtual size: 32B

/19
Size: 512B - Virtual size: 171B

/35
Size: 3KB - Virtual size: 2KB

/47
Size: 1024B - Virtual size: 634B

/61
Size: 512B - Virtual size: 428B

/73
Size: 512B - Virtual size: 76B

/86
Size: 512B - Virtual size: 335B

/97
Size: 512B - Virtual size: 120B