ddeb5af302741ab79eae42e6ab53caa0759c3a4ed56fbe32a7dcb443cb57f36a

General

Target

ddeb5af302741ab79eae42e6ab53caa0759c3a4ed56fbe32a7dcb443cb57f36a
Size

2.2MB
MD5

3d0ccf85139fcb2b9b128a2c73d2908c
SHA1

491520a13fbd04c180736de5f44a44fc1e1e3470
SHA256

ddeb5af302741ab79eae42e6ab53caa0759c3a4ed56fbe32a7dcb443cb57f36a
SHA512

8ba7808ac098abec058f45662b568d4a4e5a30452fdf4bc0f738e53ada6e99521b22cb57929670be3b7458858a658f5610b5f305cb60e230941166efe7005f34
SSDEEP

49152:wtvM83ks8T5/U2BU+Gqx6j7T8RiY7ZrIZ:T8It4qW7T8cY7BIZ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ddeb5af302741ab79eae42e6ab53caa0759c3a4ed56fbe32a7dcb443cb57f36a
unpack001/out.upx

Files

ddeb5af302741ab79eae42e6ab53caa0759c3a4ed56fbe32a7dcb443cb57f36a
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 6.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 162KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

??4CSerialPort@@QAEAAV0@ABV0@@Z
?__autoclassinit2@CSerialPort@@QAEXI@Z
_CreateLexer@4
_GetLexerCount@0
_GetLexerFactory@4
_GetLexerName@12
_GetLibraryPropertyNames@0
_GetNameSpace@0
_LexerNameFromID@4
_SetLibraryProperty@8

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 581KB - Virtual size: 581KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 6.5MB

UPX1 Size: 2.0MB - Virtual size: 2.0MB

.rsrc Size: 162KB - Virtual size: 164KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.rdata Size: 581KB - Virtual size: 581KB

.data Size: 35KB - Virtual size: 3.1MB

.rsrc Size: 1.6MB - Virtual size: 1.6MB

.reloc Size: 240KB - Virtual size: 239KB

UPX0
Size: - Virtual size: 6.5MB

UPX1
Size: 2.0MB - Virtual size: 2.0MB

.rsrc
Size: 162KB - Virtual size: 164KB

.text
Size: 2.9MB - Virtual size: 2.9MB

.rdata
Size: 581KB - Virtual size: 581KB

.data
Size: 35KB - Virtual size: 3.1MB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

.reloc
Size: 240KB - Virtual size: 239KB