25c5d5839cf205b616e12fb93d1f6dd64ada6f9cc1664d3c7b2e2386a4127f61

General

Target

25c5d5839cf205b616e12fb93d1f6dd64ada6f9cc1664d3c7b2e2386a4127f61
Size

1.1MB
MD5

693dc0a3378255a9b2a7c8b4c7414341
SHA1

bf6606900079ca72be0a9d918b3827e6c088be7f
SHA256

25c5d5839cf205b616e12fb93d1f6dd64ada6f9cc1664d3c7b2e2386a4127f61
SHA512

09d7f590efc44ab33cc7a405214346d2374ca9219c1939c8bab34a6df041797eab89556325f60f52b59612b52f236a427d59534bfef0c0ed8b5db3024ca29c2a
SSDEEP

24576:DnUncz65Zb6vjmGf1jcj1ZJzDlxef9gL2J9A4dbjZWpj8a+FM8+MU0Ib5Ra:DAce5Zb6v6G9ARZZl2OL2J93PZAjt+Fd

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
25c5d5839cf205b616e12fb93d1f6dd64ada6f9cc1664d3c7b2e2386a4127f61
unpack001/out.upx

Files

25c5d5839cf205b616e12fb93d1f6dd64ada6f9cc1664d3c7b2e2386a4127f61
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

code
Size: 396KB - Virtual size: 396KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

data
Size: 301KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 357KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.6MB

UPX1 Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 27KB - Virtual size: 28KB

Headers

File Characteristics

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

code Size: 396KB - Virtual size: 396KB

.data Size: 74KB - Virtual size: 73KB

data Size: 301KB - Virtual size: 300KB

.rdata Size: 357KB - Virtual size: 357KB

.bss Size: - Virtual size: 68KB

.idata Size: 13KB - Virtual size: 13KB

.rsrc Size: 26KB - Virtual size: 26KB

UPX0
Size: - Virtual size: 1.6MB

UPX1
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 27KB - Virtual size: 28KB

.text
Size: 1.5MB - Virtual size: 1.5MB

code
Size: 396KB - Virtual size: 396KB

.data
Size: 74KB - Virtual size: 73KB

data
Size: 301KB - Virtual size: 300KB

.rdata
Size: 357KB - Virtual size: 357KB

.bss
Size: - Virtual size: 68KB

.idata
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 26KB - Virtual size: 26KB