39a5dd98bbbd7bdf279bb017d224c256c433e1d11c31e89259616e2f8872b454

General

Target

39a5dd98bbbd7bdf279bb017d224c256c433e1d11c31e89259616e2f8872b454
Size

237KB
MD5

4a8daf2d221afeb186171dfdfa21b757
SHA1

c872113d0979a416e37e8e2657ae42597c313fe4
SHA256

39a5dd98bbbd7bdf279bb017d224c256c433e1d11c31e89259616e2f8872b454
SHA512

64ad37b386dc6cb5bb059880b0a957339815e0b02a917d240c78ffdc9d5026f9c46ef78648febcdbdb9e0fb3a311a8ab57594260930f5152c7581c61d4feec23
SSDEEP

3072:ApR68DUfyfYfrZCTt7lEcdRRA+84zRv3U5rHnULlKolxMm9tB:Agf4Yfs7l/dRRE57ULlKq

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
39a5dd98bbbd7bdf279bb017d224c256c433e1d11c31e89259616e2f8872b454
unpack001/out.upx

Files

39a5dd98bbbd7bdf279bb017d224c256c433e1d11c31e89259616e2f8872b454
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 812KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 116KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 473KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 812KB

UPX1 Size: 116KB - Virtual size: 120KB

.rsrc Size: 120KB - Virtual size: 120KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 188KB - Virtual size: 187KB

.rdata Size: 76KB - Virtual size: 76KB

.data Size: 3KB - Virtual size: 473KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 129KB - Virtual size: 128KB

.reloc Size: 24KB - Virtual size: 23KB

UPX0
Size: - Virtual size: 812KB

UPX1
Size: 116KB - Virtual size: 120KB

.rsrc
Size: 120KB - Virtual size: 120KB

.text
Size: 188KB - Virtual size: 187KB

.rdata
Size: 76KB - Virtual size: 76KB

.data
Size: 3KB - Virtual size: 473KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 129KB - Virtual size: 128KB

.reloc
Size: 24KB - Virtual size: 23KB