73e13e853d798b19250a6d8c8c8da5cf8f7798f5c764f7e5ed998e2353f3d5db | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73e13e853d798b19250a6d8c8c8da5cf8f7798f5c764f7e5ed998e2353f3d5db
Size

71KB
MD5

e580095677292b72b58aeda0ab8692dc
SHA1

39335d1363b683d12962fc3c3591ed10b4e60f8c
SHA256

73e13e853d798b19250a6d8c8c8da5cf8f7798f5c764f7e5ed998e2353f3d5db
SHA512

53779517bc59823b2eda4e5409e56cf653a467424251be80427882ece4eb758d340298b534a5adf6fd08e128b912dea26d8e21a1a496535981f9e4722021812c
SSDEEP

1536:hc1QcRKdvJI2lmydD+u8MOBeBQbxLpNazV20BN:CQK2lmyN+u8MO02xLKV20BN

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

73e13e853d798b19250a6d8c8c8da5cf8f7798f5c764f7e5ed998e2353f3d5db
.dll windows x86

630aad8631670c0ca2bbed684975b16d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefDlgProcA
DestroyIcon
DestroyMenu
DialogBoxParamA
CreateIcon
EnableScrollBar
EndPaint
EqualRect
CreateDialogParamA
CreateAcceleratorTableA
CopyRect
CopyImage
CharToOemBuffA
CharPrevA
CharNextA
ChangeMenuA
EmptyClipboard
ActivateKeyboardLayout

kernel32

lstrcpyA
lstrcmpA
VirtualFree
LeaveCriticalSection
GetVersion
GetStartupInfoA
EnterCriticalSection
CloseHandle
lstrcpynA

Sections

.text
Size: 15KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ