464e34bf47ab7308a65d4d016973598a7c1f0be7a4a6413361f0f94d495cdc99

Sharing

Copy URL

Twitter E-mail

General

Target

464e34bf47ab7308a65d4d016973598a7c1f0be7a4a6413361f0f94d495cdc99
Size

146KB
MD5

6ea9fd0ef513e2e1c75f53eb15f0baf4
SHA1

dad9ae6d0990131c322cb65d07b4502891102e12
SHA256

464e34bf47ab7308a65d4d016973598a7c1f0be7a4a6413361f0f94d495cdc99
SHA512

b698fcacca03d240a2b58f517177b90c7a3633abf34d4b4a8b51727fa0bff348f537a62d631a4b2db74ae3f61475c8092f4e764001f95ad0f03f0c9437791c04
SSDEEP

3072:6xDRi3tkVdjCXIrnZ7+agqDtVmcvjW8sgq9eUl1rmT1BS/IS2bkFEu:e4LXIrZ7rDmEjW8sgceUl1rm1LXO

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

464e34bf47ab7308a65d4d016973598a7c1f0be7a4a6413361f0f94d495cdc99
.exe windows x86

eef73320ef09ce236e9fc02b0f4c45cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateThread
ReleaseMutex
HeapAlloc
HeapCreate
HeapFree
lstrcmpiW
lstrcpynW
CreateSemaphoreW
CreateEventW
CreateRemoteThread
WriteFile
SetConsoleMode
GetStdHandle
ResetEvent
WriteConsoleInputW
SetConsoleTitleW
LeaveCriticalSection
EnterCriticalSection
SetEvent
FlushConsoleInputBuffer
ReadFile
SetConsoleCP
GetConsoleMode
ResumeThread
CreateProcessW
GetProcAddress
LoadLibraryW
SetStdHandle
DuplicateHandle
GetCurrentProcess
CreateFileW
GetConsoleScreenBufferInfo
FillConsoleOutputAttribute
SetConsoleTextAttribute
CreateConsoleScreenBuffer
lstrcmpW
ReadProcessMemory
VirtualQueryEx
GetModuleHandleW
SetConsoleWindowInfo
lstrcpyW
SetConsoleActiveScreenBuffer
WriteConsoleOutputW
ReadConsoleOutputW
SuspendThread
Sleep
WaitForMultipleObjects
SetThreadContext
VirtualProtectEx
WriteProcessMemory
lstrlenA
GetThreadContext
CreateNamedPipeW
CreatePipe
GetCurrentProcessId
OpenProcess
ExitProcess
ConnectNamedPipe
GetLargestConsoleWindowSize
SetConsoleCursorPosition
FillConsoleOutputCharacterW
GlobalFree
GlobalUnlock
ReadConsoleOutputCharacterW
GlobalLock
GlobalAlloc
GetFullPathNameW
GetModuleFileNameW
GetCommandLineW
GetProcessHeap
WriteConsoleW
GetConsoleTitleW
InitializeCriticalSection
GetConsoleCursorInfo
GetConsoleOutputCP
GetConsoleCP
GetModuleFileNameA
CreateMutexW
SetConsoleCtrlHandler
GetVersionExW
DisconnectNamedPipe
lstrlenW
GetEnvironmentVariableW
lstrcatW
WaitForSingleObject
SetConsoleScreenBufferSize
ReleaseSemaphore

user32

EmptyClipboard
OpenClipboard
SetCursorPos
GetSystemMetrics
GetWindowRect
GetClientRect
FindWindowW
RegisterWindowMessageW
CreateWindowExW
RegisterClassExW
LoadImageW
DefWindowProcW
GetWindowTextW
TrackPopupMenu
SetForegroundWindow
SetClipboardData
InsertMenuItemW
GetCursorPos
CreatePopupMenu
DestroyMenu
UnhookWindowsHookEx
DispatchMessageW
GetMessageW
PeekMessageW
SetWindowsHookExW
SetWindowPlacement
LoadKeyboardLayoutW
CopyImage
ShowWindow
GetForegroundWindow
CallNextHookEx
CloseClipboard
DestroyIcon
SendMessageW
wsprintfW
GetWindowPlacement

advapi32

RegEnumValueW
RegCloseKey
RegQueryValueExW
OpenProcessToken
RegOpenKeyExW

rpcrt4

UuidToStringW
RpcStringFreeW

ole32

CoCreateGuid

shell32

Shell_NotifyIconW

hook

CallBackCalls
KeyHook
MouseHook
ProcessMouse
ProcessKeyPress

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eef73320ef09ce236e9fc02b0f4c45cb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

rpcrt4

ole32

shell32

hook

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 2KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 2KB

.UPX0
Size: 108KB - Virtual size: 260KB