bdd7262d4846748fc69488647645c463926d4c3f362259f1a34cb7299ac83751

Sharing

Copy URL Twitter E-mail

General

Target

bdd7262d4846748fc69488647645c463926d4c3f362259f1a34cb7299ac83751
Size

148KB
MD5

ac998da81c30eeec8213a51bae3c07d3
SHA1

100c5881ab451571a6425ddd13970100b71fb308
SHA256

bdd7262d4846748fc69488647645c463926d4c3f362259f1a34cb7299ac83751
SHA512

0ef956d545f88371ab17d43cb31c0b1bc501af3c535566698fa1834012c53237eafd35d575d4058c0128855e264dd32f485f633dbf62d5da2f5881d0b2f55aff
SSDEEP

3072:yg6Buw+63dNb3bDURo+EQ1KkIibtgBU1IVB7N0vw4fr5MhTZN:Ouw+6D3cR7ERkIibtuUWVBavw25MJZN

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
bdd7262d4846748fc69488647645c463926d4c3f362259f1a34cb7299ac83751
unpack001/out.upx

Files

bdd7262d4846748fc69488647645c463926d4c3f362259f1a34cb7299ac83751
.dll windows:4 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

mt32emu_add_machine_rom_file
mt32emu_add_rom_data
mt32emu_add_rom_file
mt32emu_close_synth
mt32emu_convert_output_to_synth_timestamp
mt32emu_convert_synth_to_output_timestamp
mt32emu_create_context
mt32emu_flush_midi_queue
mt32emu_free_context
mt32emu_get_actual_stereo_output_samplerate
mt32emu_get_best_analog_output_mode
mt32emu_get_dac_input_mode
mt32emu_get_display_state
mt32emu_get_internal_rendered_sample_count
mt32emu_get_library_version_int
mt32emu_get_library_version_string
mt32emu_get_machine_ids
mt32emu_get_midi_delay_mode
mt32emu_get_output_gain
mt32emu_get_part_states
mt32emu_get_part_volume_override
mt32emu_get_partial_count
mt32emu_get_partial_states
mt32emu_get_patch_name
mt32emu_get_playing_notes
mt32emu_get_reverb_output_gain
mt32emu_get_rom_ids
mt32emu_get_rom_info
mt32emu_get_selected_renderer_type
mt32emu_get_service_i
mt32emu_get_stereo_output_samplerate
mt32emu_get_supported_midi_receiver_version
mt32emu_get_supported_report_handler_version
mt32emu_has_active_partials
mt32emu_identify_rom_data
mt32emu_identify_rom_file
mt32emu_is_active
mt32emu_is_default_reverb_mt32_compatible
mt32emu_is_mt32_reverb_compatibility_mode
mt32emu_is_nice_amp_ramp_enabled
mt32emu_is_nice_panning_enabled
mt32emu_is_nice_partial_mixing_enabled
mt32emu_is_open
mt32emu_is_reverb_enabled
mt32emu_is_reverb_overridden
mt32emu_is_reversed_stereo_enabled
mt32emu_merge_and_add_rom_data
mt32emu_merge_and_add_rom_files
mt32emu_open_synth
mt32emu_parse_stream
mt32emu_parse_stream_at
mt32emu_play_msg
mt32emu_play_msg_at
mt32emu_play_msg_now
mt32emu_play_msg_on_part
mt32emu_play_short_message
mt32emu_play_short_message_at
mt32emu_play_sysex
mt32emu_play_sysex_at
mt32emu_play_sysex_now
mt32emu_preallocate_reverb_memory
mt32emu_read_memory
mt32emu_render_bit16s
mt32emu_render_bit16s_streams
mt32emu_render_float
mt32emu_render_float_streams
mt32emu_select_renderer_type
mt32emu_set_analog_output_mode
mt32emu_set_dac_input_mode
mt32emu_set_main_display_mode
mt32emu_set_midi_delay_mode
mt32emu_set_midi_event_queue_size
mt32emu_set_midi_receiver
mt32emu_set_nice_amp_ramp_enabled
mt32emu_set_nice_panning_enabled
mt32emu_set_nice_partial_mixing_enabled
mt32emu_set_output_gain
mt32emu_set_part_volume_override
mt32emu_set_partial_count
mt32emu_set_reverb_compatibility_mode
mt32emu_set_reverb_enabled
mt32emu_set_reverb_output_gain
mt32emu_set_reverb_overridden
mt32emu_set_reversed_stereo_enabled
mt32emu_set_samplerate_conversion_quality
mt32emu_set_stereo_output_samplerate
mt32emu_write_sysex

Sections

UPX0
Size: - Virtual size: 236KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 143KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.text
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 236KB

UPX1 Size: 143KB - Virtual size: 144KB

UPX2 Size: 4KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 247KB - Virtual size: 246KB

.rdata Size: 71KB - Virtual size: 70KB

.data Size: 10KB - Virtual size: 24KB

.pdata Size: 20KB - Virtual size: 19KB

.reloc Size: 3KB - Virtual size: 2KB

UPX0
Size: - Virtual size: 236KB

UPX1
Size: 143KB - Virtual size: 144KB

UPX2
Size: 4KB - Virtual size: 4KB

.text
Size: 247KB - Virtual size: 246KB

.rdata
Size: 71KB - Virtual size: 70KB

.data
Size: 10KB - Virtual size: 24KB

.pdata
Size: 20KB - Virtual size: 19KB

.reloc
Size: 3KB - Virtual size: 2KB