ab5f0154919a64732dcf97c8a12ca15dc5f4d1b04ce28c5ce1d7693f14966569

General

Target

ab5f0154919a64732dcf97c8a12ca15dc5f4d1b04ce28c5ce1d7693f14966569
Size

2.6MB
MD5

2d72eb8916c1f7b066d7bdb3151832fa
SHA1

cb53e698b0c7a00dcf7fe42955114ef571beaca3
SHA256

ab5f0154919a64732dcf97c8a12ca15dc5f4d1b04ce28c5ce1d7693f14966569
SHA512

6ec96cd4eaa8c680b5aab17a33e6581cc3616525997282085363b894b13976a025f3ba84763d2b3bfefe4103f02e16f3b085e53db1dde91b855542ae56a46ee0
SSDEEP

49152:woUMoaz4KJ0atpf0h3U8pL8ibXG/kw2/dLInk1my/rD6cniVF:w5a86pOU8pL8ibXK329IkQy/rD6cq

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ab5f0154919a64732dcf97c8a12ca15dc5f4d1b04ce28c5ce1d7693f14966569
unpack001/out.upx

Files

ab5f0154919a64732dcf97c8a12ca15dc5f4d1b04ce28c5ce1d7693f14966569
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.5MB

UPX1 Size: 2.6MB - Virtual size: 2.6MB

.rsrc Size: 33KB - Virtual size: 36KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 279KB - Virtual size: 279KB

.rdata Size: 55KB - Virtual size: 55KB

.data Size: 7KB - Virtual size: 12KB

.00cfg Size: 512B - Virtual size: 8B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 4.7MB - Virtual size: 4.7MB

.reloc Size: 15KB - Virtual size: 14KB

UPX0
Size: - Virtual size: 2.5MB

UPX1
Size: 2.6MB - Virtual size: 2.6MB

.rsrc
Size: 33KB - Virtual size: 36KB

.text
Size: 279KB - Virtual size: 279KB

.rdata
Size: 55KB - Virtual size: 55KB

.data
Size: 7KB - Virtual size: 12KB

.00cfg
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 4.7MB - Virtual size: 4.7MB

.reloc
Size: 15KB - Virtual size: 14KB