39c38040f3454e059ae2ade0ea32ca60e9062a3a0d3f65a2c2ab692ea1bd65a0

General

Target

39c38040f3454e059ae2ade0ea32ca60e9062a3a0d3f65a2c2ab692ea1bd65a0
Size

225KB
MD5

721e337ace2ff296b2a5ed7e4bcb77dd
SHA1

5d86e2b7bd8ada8f70a59d6f4bcb54bc16283e0e
SHA256

39c38040f3454e059ae2ade0ea32ca60e9062a3a0d3f65a2c2ab692ea1bd65a0
SHA512

51b2095e6ee6b9e79e0dcbb6eb676978839c700526a74f25a3396de30358d736d426df13e1ef8bf3b3d4493056583f24cfec463da7a60856b92abd063a8c75e0
SSDEEP

6144:aTucImhNvSbvwCnbvy2Ma+AGxoE0GrsxenZdunE0:dK4TwCn7r+AGxQGrsx6nunH

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/keygen5.exe	upx

Files

39c38040f3454e059ae2ade0ea32ca60e9062a3a0d3f65a2c2ab692ea1bd65a0
.cab
is200079.exe
.exe windows x86

077d7b319af29ab115efb920e409b1e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetFocus
OemToCharA
LoadImageA
IsCharLowerA
GetDC
FillRect
EndDeferWindowPos
EnableScrollBar
DrawTextA
DrawStateA
DrawCaption
DispatchMessageA
CharUpperA
CharToOemBuffA
BeginPaint
ActivateKeyboardLayout

kernel32

GetLastError
MapViewOfFile
LoadLibraryA
GetVersionExA
GetVersion
GetTimeFormatA
GetDateFormatA
lstrcpynA
lstrcpyA
VirtualAlloc
UnmapViewOfFile
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
OpenFileMappingA
CloseHandle
EnterCriticalSection
EnumResourceLanguagesA
FindResourceA
FreeResource
GetCommandLineA
OpenFile

oleaut32

OleIconToCursor
OleLoadPicturePath
OleTranslateColor
SafeArrayCreate
VarBstrCmp
ClearCustData

Sections

.text
Size: 18KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
keygen5.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 300KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 174KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

077d7b319af29ab115efb920e409b1e8

Headers

File Characteristics

Imports

user32

kernel32

oleaut32

Sections

.text Size: 18KB - Virtual size: 28KB

.data Size: 33KB - Virtual size: 36KB

.rdata Size: 1024B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 300KB

UPX1 Size: 174KB - Virtual size: 176KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 18KB - Virtual size: 28KB

.data
Size: 33KB - Virtual size: 36KB

.rdata
Size: 1024B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 300KB

UPX1
Size: 174KB - Virtual size: 176KB

.rsrc
Size: 12KB - Virtual size: 12KB