1401f062e39191369d6a9103ef7ad34002cb3c774f7f33b4fe2ea5b6ccbe1a4a | Triage

Sharing

General

Target

1401f062e39191369d6a9103ef7ad34002cb3c774f7f33b4fe2ea5b6ccbe1a4a
Size

263KB
MD5

78e6b99c8e482dc5bc21b26ea5ff1800
SHA1

cb99291441ade5b8da6ec4137a208d494cf07ed2
SHA256

1401f062e39191369d6a9103ef7ad34002cb3c774f7f33b4fe2ea5b6ccbe1a4a
SHA512

fd2ffde724885a85c76e1c22c8548a3fc12af99f186ca0fadb1931b9d070b9d850267eb91e1a1a82384ca3e7815b10a54f599a65e73cf81e72a46d141ae6b2af
SSDEEP

3072:al+3Bld/4YIzqmViGHLgwmUyq/HyWgZqaeVOc0McU/9SnGsKQfFc80y7U30+Ob/F:4+x3/4YIWm1MxUyRzoVOBlYQflIG

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

1401f062e39191369d6a9103ef7ad34002cb3c774f7f33b4fe2ea5b6ccbe1a4a
.exe windows x86

c0d12f8ea6f84a926ae8a1cf8e2e32ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
WaitForSingleObject
CreateMutexA
GetVersionExA
CloseHandle
GetProcAddress
GlobalFree
lstrcmpiA
LoadLibraryA
lstrlenA
GlobalAlloc
lstrcpynA

user32

GetDlgItem
EnableWindow
SendMessageA
MessageBoxA
SetCursor
wsprintfA
EndDialog
DialogBoxParamA
LoadStringA
LoadCursorA
GetDC

gdi32

GetTextExtentPoint32A

advapi32

RegDeleteValueA
RegEnumValueA
RegEnumKeyExA
RegQueryInfoKeyA
SetSecurityDescriptorDacl
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
InitializeSecurityDescriptor

comctl32

ord17

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX
Size: 241KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE