70b2311c756d0e69557e187f5ffa360b4a3c11e6d6632a71d7e7b5d13e9d954d

General

Target

70b2311c756d0e69557e187f5ffa360b4a3c11e6d6632a71d7e7b5d13e9d954d
Size

3.7MB
MD5

868d183d11f5fb1b5bd3bb259106e91c
SHA1

b37eee5105b2dd063e51f5b48b767382c8355eb6
SHA256

70b2311c756d0e69557e187f5ffa360b4a3c11e6d6632a71d7e7b5d13e9d954d
SHA512

2579f3c6e07e26788b039a09ce370167164307926353071ca418bbe428f50936dd074783f286e5c869bf60d64486a598724a167be860cd22eda37bb3abce3692
SSDEEP

98304:Bar2rXY4T7I5KOHnkFiiWRSFJF0GoJoeU5GxEH+ch87+:IOY4PcKwnkF2UJuJoeU5Gx3c

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
70b2311c756d0e69557e187f5ffa360b4a3c11e6d6632a71d7e7b5d13e9d954d
unpack001/out.upx

Files

70b2311c756d0e69557e187f5ffa360b4a3c11e6d6632a71d7e7b5d13e9d954d
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 6.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 220KB - Virtual size: 436KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 6.6MB

UPX1 Size: 3.7MB - Virtual size: 3.7MB

UPX2 Size: 512B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 5.9MB - Virtual size: 5.9MB

.data Size: 220KB - Virtual size: 436KB

.idata Size: 1024B - Virtual size: 988B

.reloc Size: 177KB - Virtual size: 176KB

.symtab Size: 512B - Virtual size: 4B

UPX0
Size: - Virtual size: 6.6MB

UPX1
Size: 3.7MB - Virtual size: 3.7MB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 5.9MB - Virtual size: 5.9MB

.data
Size: 220KB - Virtual size: 436KB

.idata
Size: 1024B - Virtual size: 988B

.reloc
Size: 177KB - Virtual size: 176KB

.symtab
Size: 512B - Virtual size: 4B