28578512a9f01db11abe5f54a2cf8524fa901a3a44c289e1b330222531360f09

General

Target

28578512a9f01db11abe5f54a2cf8524fa901a3a44c289e1b330222531360f09
Size

120KB
MD5

6efb5f1f8fe9b64e44a916c5a0729500
SHA1

a5490ef39ea4338959523d3688848ef521c65ec1
SHA256

28578512a9f01db11abe5f54a2cf8524fa901a3a44c289e1b330222531360f09
SHA512

044976e67ebb2988e0fe89503afdb5343d82abcf17aa71ed957ceb423bd7da4da8bc2556d29225265c77f5d9f32cbd2668f4c2ddff4c25cfa83aa9c479f3a5df
SSDEEP

3072:Qv3R2N9aFuaUd68guIU5iyFCna5qPHeebQlMLNRxo8SrJN7/pYXFzr9Ij:SAHaFTUx9IU/8+ezRxyr3DpY1M

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

28578512a9f01db11abe5f54a2cf8524fa901a3a44c289e1b330222531360f09
.exe windows x86

2b68502eae5e6e6212dcf8f3430da993

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageW
CloseHandle
DeviceIoControl
CreateFileW
GetLastError
GetVolumePathNamesForVolumeNameW
SetLastError
QueryDosDeviceW
FindVolumeClose
FindNextVolumeW
FindFirstVolumeW
DefineDosDeviceW
FindVolumeMountPointClose
FindNextVolumeMountPointW
RemoveDirectoryW
WriteConsoleW
FindFirstVolumeMountPointW
SetVolumeMountPointW
DeleteVolumeMountPointW
GetConsoleMode
GetStdHandle
SetErrorMode
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
LocalAlloc
WriteFile
GetVolumeNameForVolumeMountPointW
LocalFree
SetThreadUILanguage

msvcrt

exit
__initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_cexit
_except_handler3
_controlfp
_c_exit
_snwprintf
wcscat
wcslen
_XcptFilter
__set_app_type
_exit

user32

CharToOemW

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b68502eae5e6e6212dcf8f3430da993

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 96B

.rsrc Size: 5KB - Virtual size: 4KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 96B

.rsrc
Size: 5KB - Virtual size: 4KB

.UPX0
Size: 108KB - Virtual size: 260KB