arc_unpacker-0[.]11-bin[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

arc_unpacker-0.11-bin.zip
Size

2.7MB
MD5

d7131abd8d8bb1ea631cd78caad82963
SHA1

205976dc99290084bcd3efeb95bb3f0784fe2476
SHA256

c55bdd25a8f4e0f9aa58e2f2c806faf179514f4b929c43016dbf606d16ba2bc7
SHA512

6ec5869ac8af1204e0aa2a041c0a77b04b25cfe33fb376c57aa5f283722c8c3bc15107ea4dce1b91f1b1ae3035425b601cc7e80002e76dbc1b0b04248ca7c267
SSDEEP

49152:Yoy9PSkDe9laEdzVLIunGL9oM8xuQtmkhpyClwG93GYQiQ/Ez6PD0FAPDokN:QPSOe9c6LIuk9j8UQtmknyClz92YQhEm

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/arc_unpacker.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/arc_unpacker.exe
unpack002/out.upx

Files

arc_unpacker-0.11-bin.zip
.zip
arc_unpacker.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 43KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
etc/noraneko.lst
etc/shiina_rio/flag.png
.png
etc/shiina_rio/logo1.png
.png
etc/shiina_rio/logo2.jpg
.jpg
etc/shiina_rio/logo3.jpg
.jpg
etc/shiina_rio/logo4.jpg
.jpg
etc/shiina_rio/logo5.jpg
.jpg
etc/shiina_rio/logo6.jpg
.jpg
etc/shiina_rio/region.png
.png
etc/shiina_rio/table1.bin
etc/shiina_rio/table2.bin
etc/shiina_rio/table3.bin
etc/shiina_rio/table4.bin
etc/th135-file-names.lst
etc/th145-file-names.lst
etc/tsujidou-junai.lst
etc/tsujidou-virgin.lst
etc/xp3/karakara.dat

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 3.5MB

UPX1 Size: 2.2MB - Virtual size: 2.2MB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 4.2MB - Virtual size: 4.2MB

.data Size: 46KB - Virtual size: 46KB

.rdata Size: 1.4MB - Virtual size: 1.4MB

.bss Size: - Virtual size: 43KB

.idata Size: 6KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 56B

.tls Size: 512B - Virtual size: 32B

UPX0
Size: - Virtual size: 3.5MB

UPX1
Size: 2.2MB - Virtual size: 2.2MB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 4.2MB - Virtual size: 4.2MB

.data
Size: 46KB - Virtual size: 46KB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.bss
Size: - Virtual size: 43KB

.idata
Size: 6KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 56B

.tls
Size: 512B - Virtual size: 32B