94b88650ebf3fe56877d27316b51a4ddf27b4182892b167b5b03b35d84c95d02

Resubmissions

17-04-2024 14:30

240417-rt43faca49 10

17-04-2024 14:30

17-04-2024 14:29

17-04-2024 14:29

17-04-2024 14:29

31-07-2022 05:21

Sharing

Copy URL

Twitter E-mail

General

Target

94b88650ebf3fe56877d27316b51a4ddf27b4182892b167b5b03b35d84c95d02
Size

1.5MB
MD5

6599f79e40a26186261b58aa89194e5b
SHA1

0a44b71f930447d545de0f10b6f9c70d513acacc
SHA256

94b88650ebf3fe56877d27316b51a4ddf27b4182892b167b5b03b35d84c95d02
SHA512

9e4c8b704bdf6f69df693c40c323f069ac7b9900ab8486d7e5a8423670aa1ee686ccfb6c4026f903d0928145efeee04b0b4cded0000f918862208baba9913748
SSDEEP

24576:4i9CFkYBMSUkGUbDkAv0f3BIykhWmRkLhKRahLo1ChjllyzD8k20ZItIhi4Gx:4ieMSU0bD7Q3Bfkh9k1VtKChpIzD/Std

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.

Processes:

resource

94b88650ebf3fe56877d27316b51a4ddf27b4182892b167b5b03b35d84c95d02
unpack001/out.upx

resource	yara_rule
sample	upx

resource
94b88650ebf3fe56877d27316b51a4ddf27b4182892b167b5b03b35d84c95d02
unpack001/out.upx

Files

94b88650ebf3fe56877d27316b51a4ddf27b4182892b167b5b03b35d84c95d02
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 704KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 434KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 704KB

UPX1 Size: 1.5MB - Virtual size: 1.5MB

.rsrc Size: 14KB - Virtual size: 16KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 248KB - Virtual size: 247KB

.rdata Size: 188KB - Virtual size: 188KB

.data Size: 23KB - Virtual size: 434KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

UPX0
Size: - Virtual size: 704KB

UPX1
Size: 1.5MB - Virtual size: 1.5MB

.rsrc
Size: 14KB - Virtual size: 16KB

.text
Size: 248KB - Virtual size: 247KB

.rdata
Size: 188KB - Virtual size: 188KB

.data
Size: 23KB - Virtual size: 434KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB