0e1e0b86540390bc2b2a64f03d9904e99b8c52804b25f3f76bcd2934111bd278

General

Target

0e1e0b86540390bc2b2a64f03d9904e99b8c52804b25f3f76bcd2934111bd278
Size

832KB
MD5

43c82ca18f466e38a6e32d060a840ff2
SHA1

911689722682a2af25303d4e24b775c8548e355c
SHA256

0e1e0b86540390bc2b2a64f03d9904e99b8c52804b25f3f76bcd2934111bd278
SHA512

0e60035ba9f0f9aaadbffe42bf38eedd65e43599e061d3bb245c6c13c6c234376c551e20933e73eb4779bc7ea905bb091823435ee0372cda65bcd0f574c2d48c
SSDEEP

12288:/eXYdZWyIK3WzxFA9Si16ElGugJG6AyiwLCVK2jMuuS8m8bhrRAroRnj:/eXYdtIRzXA9SiMLul6/LLmKWMu45

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
0e1e0b86540390bc2b2a64f03d9904e99b8c52804b25f3f76bcd2934111bd278
unpack001/out.upx

Files

0e1e0b86540390bc2b2a64f03d9904e99b8c52804b25f3f76bcd2934111bd278
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 667KB - Virtual size: 668KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 165KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 713KB - Virtual size: 712KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 835KB - Virtual size: 835KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.7MB

UPX1 Size: 667KB - Virtual size: 668KB

.rsrc Size: 165KB - Virtual size: 168KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 713KB - Virtual size: 712KB

.rdata Size: 835KB - Virtual size: 835KB

.data Size: 82KB - Virtual size: 632KB

.pdata Size: 19KB - Virtual size: 18KB

.xdata Size: 512B - Virtual size: 180B

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 15KB - Virtual size: 15KB

.symtab Size: 512B - Virtual size: 4B

.rsrc Size: 165KB - Virtual size: 164KB

UPX0
Size: - Virtual size: 1.7MB

UPX1
Size: 667KB - Virtual size: 668KB

.rsrc
Size: 165KB - Virtual size: 168KB

.text
Size: 713KB - Virtual size: 712KB

.rdata
Size: 835KB - Virtual size: 835KB

.data
Size: 82KB - Virtual size: 632KB

.pdata
Size: 19KB - Virtual size: 18KB

.xdata
Size: 512B - Virtual size: 180B

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 15KB - Virtual size: 15KB

.symtab
Size: 512B - Virtual size: 4B

.rsrc
Size: 165KB - Virtual size: 164KB