22b2c8a30f43129de8f573391092d68584919b68d509a1cec5f55df53b775b15 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22b2c8a30f43129de8f573391092d68584919b68d509a1cec5f55df53b775b15
Size

649KB
MD5

673769b1582b0a22b9135199dffdf543
SHA1

2fcf68487ae9d46538d7f61cda663dce147fd31c
SHA256

22b2c8a30f43129de8f573391092d68584919b68d509a1cec5f55df53b775b15
SHA512

df5a27a7ba9e4f28fb41841f46f33f3839654ef23630aa6ea75852a952abc84ec6c18ad32e75e49a5ba3b0a3a848973a48f981d491c88cc5767ca2cf6cf2dc85
SSDEEP

12288:gOTjWtTkHJU1SwGbbXb0qmlxUVAphPrYaT2e0E4yKIh:3atT3RGbsvJ8aT2e0Byxh

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

22b2c8a30f43129de8f573391092d68584919b68d509a1cec5f55df53b775b15
.exe windows x86

2115461618b3498385f942fa60d291f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
WriteFile
CloseHandle
FindFirstFileA
GetTempPathA
GetFileSize
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
GetStringTypeW
GetStringTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
HeapReAlloc
GetLastError
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
FlushFileBuffers

shell32

ShellExecuteA

Sections

UPX0
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE