Behavioral task: behavioral1
Sample: 6c76ad7af31bd854c1ab7188d0bb75497c2ed9f6e41bfa08032b24724a962e22.exe
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: 6c76ad7af31bd854c1ab7188d0bb75497c2ed9f6e41bfa08032b24724a962e22.exe
Resource: win10v2004-20220901-en
General
Target: 6c76ad7af31bd854c1ab7188d0bb75497c2ed9f6e41bfa08032b24724a962e22
Size: 854KB
MD5: 519177ef170d8147217ed8083a2d7fb0
SHA1: f1656a651da8669547bf33d1485057753b041155
SHA256: 6c76ad7af31bd854c1ab7188d0bb75497c2ed9f6e41bfa08032b24724a962e22
SHA512: 5c13977e66c2547c0fbd7bdb962c035d5ef658dc6a06564c0c6c12488a6e6b05eb9d534b86394875b89acc334285602700789f064c950006f27077193c788e60
SSDEEP: 12288:iTbIAYBYGZLWlLLFTHdc8HQqqPbyoXMHwPMbDvJAmTs9C+hGaCkK:uGZLWlvFTHdcdqqmoXWwWW4DkK
Malware Config
Signatures
resource yara_rule: sample matched rule upx
Files
-
6c76ad7af31bd854c1ab7188d0bb75497c2ed9f6e41bfa08032b24724a962e22.exe windows x86
ea3e6cc26abbdb36989c7bc6f99afc21
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
waveOutReset
waveOutGetVolume
waveInUnprepareHeader
waveOutOpen
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
waveInAddBuffer
waveOutClose
waveOutGetNumDevs
waveOutRestart
waveInStart
waveOutGetDevCapsA
waveOutPause
waveInStop
waveInGetNumDevs
waveOutSetVolume
kernel32
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
VirtualFree
GetStringTypeA
SystemTimeToFileTime
UnhandledExceptionFilter
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
OpenFile
GetTempPathA
GetModuleFileNameA
VirtualAlloc
SetUnhandledExceptionFilter
HeapCreate
HeapDestroy
HeapReAlloc
HeapSize
GetTimeZoneInformation
GetLocalTime
GetSystemTime
GetOEMCP
ExitProcess
GetCPInfo
TerminateProcess
GetModuleHandleA
GetCommandLineA
GetStartupInfoA
RaiseException
HeapAlloc
HeapFree
GetProcessVersion
RtlUnwind
SizeofResource
WritePrivateProfileStringA
SetErrorMode
GlobalFlags
TlsSetValue
TlsGetValue
LocalReAlloc
LocalAlloc
TlsAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FileTimeToLocalFileTime
InitializeCriticalSection
GetDiskFreeSpaceA
FileTimeToSystemTime
GlobalAddAtomA
GlobalGetAtomNameA
SetLastError
MulDiv
lstrcatA
GetFileAttributesA
SetFileTime
LCMapStringA
LocalFileTimeToFileTime
GlobalLock
GetFileTime
GetFileSize
GetShortPathNameA
lstrcmpiA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
GlobalUnlock
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
GlobalFree
LockFile
CloseHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
GetCurrentThreadId
_lopen
_llseek
_lread
_lclose
lstrcpyA
GetTempFileNameA
GetVersion
GetACP
GetTickCount
GetProfileIntA
lstrlenA
GetProfileStringA
GetVersionExA
FindResourceA
LoadResource
LockResource
GlobalReAlloc
LoadLibraryA
GetProcAddress
FreeLibrary
GlobalHandle
GlobalAlloc
LCMapStringW
user32
IsDialogMessageA
SetWindowTextA
ShowWindow
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
WindowFromPoint
LoadStringA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
TranslateAcceleratorA
GetDesktopWindow
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
ShowOwnedPopups
MessageBoxA
ValidateRect
TranslateMessage
GetMessageA
DestroyIcon
GetSysColorBrush
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
UpdateWindow
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
DispatchMessageA
PeekMessageA
SetActiveWindow
IsWindow
SetFocus
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetTopWindow
IsWindowEnabled
IsChild
GetSubMenu
GetMenu
TrackPopupMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
SetPropA
CallNextHookEx
SetForegroundWindow
GetPropA
CallWindowProcA
GetMessageTime
GetMessagePos
GetWindow
SetWindowLongA
DestroyMenu
LoadAcceleratorsA
UnhookWindowsHookEx
wsprintfA
CharUpperA
PostQuitMessage
CharPrevA
GetDialogBaseUnits
InsertMenuA
GetWindowLongA
AdjustWindowRect
WinHelpA
EnableMenuItem
SetMenu
AdjustWindowRectEx
OffsetRect
GetSystemMenu
LoadIconA
RegisterClassA
SetRect
CreatePopupMenu
LoadMenuA
GetMenuItemCount
GetMenuItemID
GetMenuStringA
SetRectEmpty
IsRectEmpty
GetParent
GetFocus
DrawFocusRect
InvalidateRect
KillTimer
SetTimer
RemoveMenu
SetMenuItemBitmaps
AppendMenuA
CheckMenuItem
GetCursorPos
PtInRect
ReleaseCapture
SetCapture
GetCapture
LoadCursorA
SetCursor
InflateRect
GetClassNameA
GetClassInfoA
FindWindowExA
GetSystemMetrics
LoadBitmapA
ScreenToClient
IsWindowVisible
GetKeyState
PostMessageA
GetWindowRect
GetClientRect
FillRect
GetSysColor
CopyRect
EnableWindow
SendMessageA
IntersectRect
UnionRect
IsIconic
ClientToScreen
MessageBeep
ReleaseDC
GetDC
GetLastActivePopup
GetForegroundWindow
RegisterWindowMessageA
SetWindowPos
GetTabbedTextExtentA
CharNextA
RemovePropA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
gdi32
GetDeviceCaps
GetStockObject
CreateRectRgn
CreateCompatibleBitmap
CreateCompatibleDC
SelectPalette
CreatePalette
GetSystemPaletteEntries
CreateDCA
DeleteObject
DeleteDC
BitBlt
SetBitmapBits
PolyPolygon
SetRectRgn
CombineRgn
GetBkColor
GetTextColor
GetNearestPaletteIndex
SetViewportOrgEx
PaintRgn
InvertRgn
FrameRgn
RealizePalette
SetPaletteEntries
AnimatePalette
SetTextAlign
SetTextJustification
SetTextCharacterExtra
CreateFontIndirectA
UnrealizeObject
CreateBrushIndirect
CreatePatternBrush
CreatePenIndirect
SetWindowExtEx
SetWindowOrgEx
SetViewportExtEx
SetBrushOrgEx
SetMapMode
SetStretchBltMode
SetPolyFillMode
SetROP2
SetBkMode
SetTextColor
SetBkColor
ExtFloodFill
FloodFill
RoundRect
Rectangle
Polyline
SelectObject
Polygon
SetPixel
LineTo
MoveToEx
Pie
Ellipse
Chord
Arc
CreateDIBitmap
GetTextAlign
ExtTextOutA
StretchDIBits
DPtoLP
TextOutA
GetClipBox
LPtoDP
StretchBlt
OffsetRgn
SetDIBits
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
GetViewportExtEx
GetTextMetricsA
GetTextExtentPoint32A
GetMapMode
CreateSolidBrush
GetNearestColor
CreatePen
GetDIBits
GetPaletteEntries
GetObjectA
CreateFontA
CreateBitmap
GetTextExtentPointA
SaveDC
RestoreDC
ScaleViewportExtEx
OffsetViewportOrgEx
ScaleWindowExtEx
IntersectClipRect
PtVisible
Escape
RectVisible
PatBlt
comdlg32
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegCreateKeyA
RegOpenKeyA
GetFileSecurityA
SetFileSecurityA
RegEnumKeyA
RegQueryValueA
RegCloseKey
RegSetValueA
RegDeleteKeyA
shell32
ExtractIconA
DragFinish
DragAcceptFiles
DragQueryFileA
SHGetFileInfoA
comctl32
ord17
ImageList_Destroy
Sections
.text   Size: 329KB  Virtual size: 328KB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 64KB   Virtual size: 63KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 15KB   Virtual size: 31KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.idata  Size: 10KB   Virtual size: 10KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 159KB  Virtual size: 158KB  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.reloc  Size: 37KB   Virtual size: 36KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ
.UPX    Size: 238KB  Virtual size: 240KB  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE

Note: .UPX is the only section mapped both writable and executable, which matches the upx YARA hit under Signatures. The file nonetheless keeps a conventional .text/.rdata/.data/.idata/.rsrc/.reloc layout and a full import table; a binary compressed end-to-end by UPX normally shows only UPX0/UPX1 sections and a handful of loader imports, so treat the .UPX section as an appended or partially packed region and check it separately when unpacking.