02b602edcdf09497b8e3d619664bfdd42c3e5598d2bb4c2324e849f4db1e3ec8

General

Target

02b602edcdf09497b8e3d619664bfdd42c3e5598d2bb4c2324e849f4db1e3ec8
Size

200KB
MD5

6dc9a9820f8be4463402716a1ec7c9dd
SHA1

c3c3fac9a279751575bb3791267c35bcd1923f63
SHA256

02b602edcdf09497b8e3d619664bfdd42c3e5598d2bb4c2324e849f4db1e3ec8
SHA512

ef3470a1dc06884a8af9817914dcac80602b173ab961e337ec8b6458ff2053bb388666d012216d1a70db6a3136211fe47c4db692d99067dcd1941b94e77b3706
SSDEEP

6144:PiVP9lcllbC2nc0BFk2cIAgln3RmFZWCY:6VP9K3bnnc0fk2y8noHWCY

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

02b602edcdf09497b8e3d619664bfdd42c3e5598d2bb4c2324e849f4db1e3ec8
.exe windows x86

830645704be2a2c7550d79184f7bbd81

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
DeviceIoControl
CreateFileA
GetLastError
SetLastError
SetFilePointerEx
ReadFile
SetErrorMode
WriteFile
GetEnvironmentVariableA
GetFileType
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentDirectoryA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapReAlloc
HeapAlloc
HeapSize
WideCharToMultiByte
FlushFileBuffers
HeapFree
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
CloseHandle
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
DeleteFileA
GetFileAttributesA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
SetFilePointer
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
SetStdHandle
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA
SetEndOfFile

user32

MessageBoxA

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX0
Size: 144KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

830645704be2a2c7550d79184f7bbd81

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 27KB

UPX0 Size: 144KB - Virtual size: 380KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 27KB

UPX0
Size: 144KB - Virtual size: 380KB