6f7207b7aab042d705eb43d694fb0c4d36ac807ff5725e6346d74f0a56559368

General

Target

6f7207b7aab042d705eb43d694fb0c4d36ac807ff5725e6346d74f0a56559368
Size

369KB
MD5

65062458dd22037289d37c4acda97bde
SHA1

5fb2db95f92d964dcf7bd8373128ba109ec743e4
SHA256

6f7207b7aab042d705eb43d694fb0c4d36ac807ff5725e6346d74f0a56559368
SHA512

08e122adbd9094a254bc002d3357d05ff0716ed923427bd3cdf05b38f31b324f4822a4a95d0ebb54b5a98a19cb38d8f23156130933e701e603bc27c9eb29764d
SSDEEP

6144:QKkf5RGUUIG3oOTYxF6vTxuGeG8+Q66EvnRw485JmP6PbHn+M2BfIBUk:QTf7GUaYxF6duGen6lJwhn+M2BfIKk

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
6f7207b7aab042d705eb43d694fb0c4d36ac807ff5725e6346d74f0a56559368
unpack001/out.upx

Files

6f7207b7aab042d705eb43d694fb0c4d36ac807ff5725e6346d74f0a56559368
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 792KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 346KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

??4CCreateCustomTiff@@QAEAAV0@ABV0@@Z
DM_CreateInterface
DM_FreeInterface

Sections

.text
Size: 745KB - Virtual size: 744KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 792KB

UPX1 Size: 346KB - Virtual size: 348KB

.rsrc Size: 21KB - Virtual size: 24KB

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 745KB - Virtual size: 744KB

.rdata Size: 175KB - Virtual size: 174KB

.data Size: 6KB - Virtual size: 8KB

.rsrc Size: 52KB - Virtual size: 52KB

.reloc Size: 89KB - Virtual size: 88KB

UPX0
Size: - Virtual size: 792KB

UPX1
Size: 346KB - Virtual size: 348KB

.rsrc
Size: 21KB - Virtual size: 24KB

.text
Size: 745KB - Virtual size: 744KB

.rdata
Size: 175KB - Virtual size: 174KB

.data
Size: 6KB - Virtual size: 8KB

.rsrc
Size: 52KB - Virtual size: 52KB

.reloc
Size: 89KB - Virtual size: 88KB