92b6a4b5a13a6fd1cf474c44e633747929b6cb8cc09fd904fc61001ce90b0e96

General

Target

92b6a4b5a13a6fd1cf474c44e633747929b6cb8cc09fd904fc61001ce90b0e96
Size

123KB
MD5

0063dee5b5883d47af757283db70d9fa
SHA1

e96e3d8d6fe7d922532023269c8066b863cc543f
SHA256

92b6a4b5a13a6fd1cf474c44e633747929b6cb8cc09fd904fc61001ce90b0e96
SHA512

861652826cb2c8124cacae3c59a2fc1496b9eb786f26f1eeed15942230ad3a8062f9ee12e4b6b6d21cd76390f4c3c495ef06bb27934f85995ecaba2b657c99bf
SSDEEP

3072:rzC7HQnzcP9hKWFV8F3Uy+NmUSMnmBaa8t33lzx3Avxl0:rztYtV7y+NmUfmi33nUxu

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

92b6a4b5a13a6fd1cf474c44e633747929b6cb8cc09fd904fc61001ce90b0e96
.exe windows x86

42731ddbafa27627e319d7c07ce88de5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadStringW

utildll

TestUserForAdmin

kernel32

GetSystemTimeAsFileTime
GetCurrentProcess
SetUnhandledExceptionFilter
GetCurrentProcessId
GetCurrentThreadId
GetSystemInfo
CloseHandle
MapViewOfFile
GetFileSize
CreateFileMappingW
GetLastError
CreateFileW
SetThreadUILanguage
GetConsoleOutputCP
FreeLibrary
LoadLibraryW
SetLastError
WriteConsoleW
GetFileType
GetStdHandle
MultiByteToWideChar
GetModuleHandleW
FormatMessageW
GetProcAddress
LocalFree
LocalAlloc
GetCommandLineW
GetFileAttributesW
lstrcpynW
FindNextFileW
FindFirstFileW
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
TerminateProcess

ntdll

_wcslwr
memmove
_wcsnicmp
wcstol
wcschr
wcstoul
wcscmp
wcscpy
wcslen
_snwprintf
RtlImageNtHeader
wcscat
_ultoa
wcsncpy

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_wsetlocale
setlocale
fprintf
_iob
malloc
free
vfwprintf
vswprintf
fwprintf
_wcsdup
_c_exit
_exit
_adjust_fdiv
_cexit
exit
__initenv
__getmainargs
_initterm
__setusermatherr
_XcptFilter

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

42731ddbafa27627e319d7c07ce88de5

Headers

DLL Characteristics

File Characteristics

Imports

user32

utildll

kernel32

ntdll

msvcrt

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 1024B - Virtual size: 5KB

.rsrc Size: 3KB - Virtual size: 2KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 1024B - Virtual size: 5KB

.rsrc
Size: 3KB - Virtual size: 2KB

.UPX0
Size: 108KB - Virtual size: 260KB