6d66e3bdab1dbb9bdf28cc05be014f436ac90e3478777ebe94acfffa522f7483

General

Target

6d66e3bdab1dbb9bdf28cc05be014f436ac90e3478777ebe94acfffa522f7483
Size

1.1MB
MD5

a6914797c2cf9fd4cba51d15da6543f3
SHA1

fce2d834ac69f625014fae45c3da23e5aea36e0c
SHA256

6d66e3bdab1dbb9bdf28cc05be014f436ac90e3478777ebe94acfffa522f7483
SHA512

b3639bb43eb5cbc9f5776c7aca995255e2d91360f70a116cf4e250e1f291bb24b2677b9130a406829322c1fe45e0b2f3a797175c2c64eb708d608540a6aeb24d
SSDEEP

24576:zmPVGqnVpVaYfnhdzFZ7UA+jzw9NAQnA0GJ:zoBtaYfhSA+jzaNAQA0GJ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
6d66e3bdab1dbb9bdf28cc05be014f436ac90e3478777ebe94acfffa522f7483
unpack001/out.upx

Files

6d66e3bdab1dbb9bdf28cc05be014f436ac90e3478777ebe94acfffa522f7483
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 848KB - Virtual size: 852KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 297KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 739KB - Virtual size: 738KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.6MB

UPX1 Size: 848KB - Virtual size: 852KB

.rsrc Size: 212KB - Virtual size: 212KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 297KB - Virtual size: 296KB

.data Size: 42KB - Virtual size: 60KB

.gfids Size: 4KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 739KB - Virtual size: 738KB

.reloc Size: 74KB - Virtual size: 73KB

UPX0
Size: - Virtual size: 1.6MB

UPX1
Size: 848KB - Virtual size: 852KB

.rsrc
Size: 212KB - Virtual size: 212KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 297KB - Virtual size: 296KB

.data
Size: 42KB - Virtual size: 60KB

.gfids
Size: 4KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 739KB - Virtual size: 738KB

.reloc
Size: 74KB - Virtual size: 73KB