aae7fc8dfd6b56800961e11f5199dc7f4c8701029b03d690877d962c64c00fc8

Sharing

Copy URL

Twitter E-mail

General

Target

aae7fc8dfd6b56800961e11f5199dc7f4c8701029b03d690877d962c64c00fc8
Size

184KB
MD5

5a4768d2db6a524533b961ba50c18eba
SHA1

86839b88eb63c8ecd27cdba2b2a0eb8439469e59
SHA256

aae7fc8dfd6b56800961e11f5199dc7f4c8701029b03d690877d962c64c00fc8
SHA512

ae858d8936fc80f5f4799dc1517869e0c9be099a7213e804f0bdceea45fd81f18d55174849f74e02f33840e6bffcd7292549b9032b95a1759dadd2681a5d9eda
SSDEEP

3072:nkkN9nvuieqRExuKiQ77BRS4NHnyPLZIExSpUAWZmgO83zJ+O2Y9Aa6F2xnW+58W:PN9v/lRExuyrcuWBAWZLO8Dx2LaW2x5H

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

aae7fc8dfd6b56800961e11f5199dc7f4c8701029b03d690877d962c64c00fc8
.exe windows x86

d25cdaedca1b91110ce66d6f5369c12d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_XcptFilter
_cexit
exit
_wcmdln
__wgetmainargs
_exit
_c_exit
wcscmp
_wcsicmp
wcslen
_wcsnicmp
??2@YAPAXI@Z
_purecall
wcscpy
wcscat
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_onexit
_controlfp
_except_handler3
free
??3@YAXPAX@Z

atl

ord35
ord31
ord44
ord11
ord10
ord30
ord58
ord32
ord45
ord20
ord17
ord23
ord57
ord18
ord43
ord16
ord21

advapi32

CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

kernel32

HeapAlloc
LoadLibraryA
GetProcessHeap
VirtualAlloc
GetCurrentThreadId
HeapFree
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
VirtualFree
lstrcpyW
HeapDestroy
LoadLibraryW
GetLastError
lstrlenW
FlushInstructionCache
GetCurrentProcess
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
SetLastError
GetModuleFileNameW
GetCurrentProcessId
CloseHandle
CreateMutexW
lstrcmpiW
GetCommandLineW
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
IsBadWritePtr
IsBadStringPtrW
lstrlenA
IsBadStringPtrA
FreeLibrary
GetProcAddress
GetTickCount
QueryPerformanceCounter
HeapCreate

gdi32

DeleteObject

user32

SetDlgItemTextW
SendDlgItemMessageW
EndDialog
CallWindowProcW
SetForegroundWindow
FindWindowW
SystemParametersInfoW
GetMonitorInfoW
MonitorFromRect
CreateWindowExW
LoadStringW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
PostMessageW
CharNextW
SendMessageW
ShowWindow
LoadImageW
SetWindowTextW
SetWindowPos
GetClientRect
SetTimer
KillTimer
MessageBoxW
DestroyWindow
SetWindowLongW
GetSysColorBrush
GetSystemMetrics
PostQuitMessage
LoadBitmapW
DefWindowProcW
GetWindowLongW

comctl32

CreateStatusWindowW
ImageList_Destroy
ImageList_Create
ImageList_AddMasked
ord17

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
LoadRegTypeLi
SafeArrayGetElement
VariantClear
SysAllocStringLen
SysStringLen
SysFreeString

shell32

CommandLineToArgvW

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d25cdaedca1b91110ce66d6f5369c12d

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

atl

advapi32

kernel32

gdi32

user32

comctl32

ole32

oleaut32

shell32

Sections

.text Size: 23KB - Virtual size: 22KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 51KB - Virtual size: 51KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 23KB - Virtual size: 22KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 51KB - Virtual size: 51KB

.UPX0
Size: 108KB - Virtual size: 260KB