59022efde4987f08f8c5ce2020a8d1bb68f38edccb753662a24de07cd5610bd9

Sharing

Copy URL

Twitter E-mail

General

Target

59022efde4987f08f8c5ce2020a8d1bb68f38edccb753662a24de07cd5610bd9
Size

180KB
MD5

6b545d1fe1289978e255a32c91161a10
SHA1

2b03744c03e7bf09e199ba0c4275db1453bbf77e
SHA256

59022efde4987f08f8c5ce2020a8d1bb68f38edccb753662a24de07cd5610bd9
SHA512

61ce3027b1f6ccae986c68fb674de57c6b73165443c06572addf63a94effa34a463d0af0879c4661e00b259fa3b34789cf8c7013bf11b88232f83d9b9a4db717
SSDEEP

3072:uuITsc7oyRyVoa2NxvhCWbeLFK5+lt/qUaA9hg:uWu3RyriZhZbSc0ltCUaA9e

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

59022efde4987f08f8c5ce2020a8d1bb68f38edccb753662a24de07cd5610bd9
.exe windows x86

9e6962171c5345f00f4a8665575b2a66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
WaitForSingleObject
CreateProcessA
GetVersionExA
CopyFileA
DeleteFileA
Sleep
GetTempPathA
FileTimeToLocalFileTime
FileTimeToSystemTime
SetEnvironmentVariableA
CompareStringW
OutputDebugStringA
FindFirstFileA
GetLastError
FindNextFileA
FindClose
SetFileAttributesA
SetLastError
GetModuleFileNameA
RemoveDirectoryA
ExitProcess
TerminateProcess
GetCurrentProcess
GetFileAttributesA
GetFullPathNameA
CreateDirectoryA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapAlloc
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetCPInfo
GetACP
GetOEMCP
GetCurrentDirectoryA
GetDriveTypeA
WriteFile
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
ReadFile
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
GetProcAddress
LoadLibraryA
SetEndOfFile
CompareStringA

user32

FindWindowA
SendMessageA
MessageBoxA

advapi32

RegEnumValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteKeyA

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 104KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9e6962171c5345f00f4a8665575b2a66

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 960B

.UPX0 Size: 104KB - Virtual size: 252KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 960B

.UPX0
Size: 104KB - Virtual size: 252KB