62de9c12672418d38e0f92ad91b0c16a66cf69e5d40f8bd44a790323e1c123bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62de9c12672418d38e0f92ad91b0c16a66cf69e5d40f8bd44a790323e1c123bf
Size

25KB
MD5

44eb052698ed1894a7a6bfbf1293eca0
SHA1

9e8737e1a21a8b0db95291c81a377006ff57f419
SHA256

62de9c12672418d38e0f92ad91b0c16a66cf69e5d40f8bd44a790323e1c123bf
SHA512

a9c16df10e80c4f1ac816d7ca0e573c61ca4b6095d3a833db5740d7d636ab462cd28162d72c8b2f9615607b8fef5799f56d2fff6d9e5bc4a67bd60a76ca796df
SSDEEP

192:n6Xecw0kKLh0RczPJd1iVtpwZFEyncjWO9SwOGgxDqv7:6Xecwg3UVtSDn2SJ/qj

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

62de9c12672418d38e0f92ad91b0c16a66cf69e5d40f8bd44a790323e1c123bf
.exe windows x86

20abfdeaecdd331db776ab401fc6977a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
GetModuleHandleA
GetSystemTimeAsFileTime
LoadResource
ExitProcess
SizeofResource
WriteFile
lstrcatA
lstrcpyA
CreateFileA
CreateDirectoryA
LockResource
CloseHandle

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

SHGetSpecialFolderPathA
ShellExecuteA

Sections

UPX0
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE