e801d762d82227bb842694e5c06540a3794f01d943e50786bc5461643f0872bd

Sharing

Copy URL

Twitter E-mail

General

Target

e801d762d82227bb842694e5c06540a3794f01d943e50786bc5461643f0872bd
Size

696KB
MD5

62f1beef0ca144de0284a6c371de162b
SHA1

44cde1cd066f166ad99a4741fecb6ec3330d7fa3
SHA256

e801d762d82227bb842694e5c06540a3794f01d943e50786bc5461643f0872bd
SHA512

d996a0eb9258ffdacabf33f0c9eec3e0d5e105c03c86051d89372a9198895c2074f8c874e2961d6199d777be151931e9b146db077762b5f698873927c898e155
SSDEEP

12288:xTgm52m+DXdIjEk7gYFO7cu6OL95Uli7kwEsEeP+Vu:xTgm52mqXdIj8YFO7cjuryixGV

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

e801d762d82227bb842694e5c06540a3794f01d943e50786bc5461643f0872bd
.exe windows x86

8728651f82db62acdfa11d6bb6074453

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DrawEx
CreateStatusWindowW
InitCommonControlsEx

ws2_32

inet_addr
WSAGetLastError
gethostbyname
inet_ntoa
htonl
getservbyname
htons
gethostbyaddr
getservbyport
ntohs
WSASetLastError
connect
setsockopt
getpeername
gethostname
recv
send
bind
listen
getsockname
__WSAFDIsSet
accept
select
shutdown
closesocket
WSACleanup
WSAStartup
socket

kernel32

GetStdHandle
QueryPerformanceCounter
QueryPerformanceFrequency
SetConsoleScreenBufferSize
AllocConsole
GetTimeFormatA
GetDateFormatA
GetLocalTime
FlushFileBuffers
SetFilePointer
GetProcAddress
FreeLibrary
LoadLibraryA
GetSystemDirectoryA
GetFileAttributesExW
FileTimeToSystemTime
FindClose
FindNextFileW
GetSystemTime
FindFirstFileW
GetModuleFileNameW
ExitProcess
FormatMessageA
GetCommandLineW
GetModuleHandleW
CreateMutexA
CreateMutexW
SetLastError
LocalFree
SetEvent
FileTimeToLocalFileTime
SetThreadPriority
GetDiskFreeSpaceExA
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceA
GetFileSize
GetSystemDefaultLangID
WriteConsoleW
HeapReAlloc
HeapFree
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetFileAttributesW
GetFileAttributesA
GetVolumeInformationW
CreateDirectoryW
GetFullPathNameW
GetLongPathNameW
RaiseException
ExpandEnvironmentStringsW
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
GetOEMCP
GetACP
GetCPInfo
HeapCreate
HeapDestroy
HeapSize
Sleep
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetStartupInfoA
GetVersionExA
GetCommandLineA
GetSystemTimeAsFileTime
RtlUnwind
SetConsoleTextAttribute
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetProcessHeap
HeapCompact
GetFileInformationByHandle
CreateEventA
CreateThread
CloseHandle
CancelIo
WaitForSingleObject
GetSystemInfo
VirtualAlloc
DeviceIoControl
VirtualFree
GetOverlappedResult
WriteFile
ReadFile
GetDriveTypeA
GetVolumeInformationA
CreateFileA
CreateFileW
MoveFileExW
GetLastError
DeleteFileW
MoveFileW
LCMapStringA
LCMapStringW
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetTickCount
GetCurrentProcessId
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
HeapAlloc

user32

CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EnumWindows
GetSysColorBrush
IsDlgButtonChecked
GetDlgItemInt
InsertMenuW
GetSubMenu
GetMenuItemID
GetSysColor
DrawTextExA
ScreenToClient
GetScrollInfo
ScrollWindowEx
SetScrollInfo
GetWindowDC
MessageBeep
SetCursorPos
TrackMouseEvent
GetDoubleClickTime
SetDlgItemTextW
GetClassNameW
CallNextHookEx
SetDlgItemInt
SendDlgItemMessageW
GetWindow
UnhookWindowsHookEx
SetWindowsHookExW
IsCharAlphaNumericW
GetCursorPos
CreateMenu
SetMenuDefaultItem
TrackPopupMenu
DestroyMenu
GetClassInfoExW
RegisterClassExW
GetMenuItemCount
CreatePopupMenu
AppendMenuW
RemoveMenu
SetMenuItemInfoW
AdjustWindowRect
IsWindowEnabled
EnableWindow
CreateDialogIndirectParamW
BringWindowToTop
DialogBoxIndirectParamW
EnumChildWindows
RegisterClipboardFormatW
UpdateWindow
InvalidateRgn
ClientToScreen
OffsetRect
CopyRect
EnumDisplayMonitors
MonitorFromRect
CheckDlgButton
SendMessageW
CreateWindowExW
GetMonitorInfoW
SystemParametersInfoW
IntersectRect
GetDC
ReleaseDC
GetSystemMetrics
SetCapture
SetWindowPos
SetWindowLongW
GetWindowLongW
GetCapture
ReleaseCapture
DestroyIcon
PostQuitMessage
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
WaitMessage
LoadImageW
LoadIconW
FindWindowW
FindWindowA
GetWindowThreadProcessId
SendMessageTimeoutW
PostMessageW
MessageBoxA
GetDesktopWindow
FindWindowExA
GetFocus
IsClipboardFormatAvailable
GetMenuItemInfoW
RedrawWindow
SetActiveWindow
IsIconic
CallWindowProcW
IsWindowVisible
IsZoomed
MonitorFromWindow
SetMenu
GetWindowTextLengthW
GetWindowTextW
GetAsyncKeyState
RegisterWindowMessageA
CreateWindowExA
DefWindowProcW
RegisterHotKey
GetDlgItem
SetWindowTextW
FillRect
DrawTextExW
SetFocus
SetForegroundWindow
ShowWindow
GetWindowRect
GetParent
SetTimer
KillTimer
UnregisterHotKey
RegisterDeviceNotificationW
UnregisterDeviceNotification
MessageBoxW
CharLowerW
BeginPaint
LoadBitmapW
GetClientRect
EndPaint
SetCursor
LoadCursorW
InvalidateRect
EndDialog
DestroyWindow

gdi32

CombineRgn
CreateRectRgn
GetTextExtentPoint32A
RectVisible
GetTextExtentExPointW
GetTextExtentExPointA
CreateBitmapIndirect
TextOutW
TextOutA
GetBkColor
OffsetClipRgn
SelectClipRgn
OffsetRgn
CreateCompatibleBitmap
GetDCOrgEx
GetRandomRgn
CreatePatternBrush
SetBrushOrgEx
PatBlt
GetTextMetricsW
CreateCompatibleDC
SetTextColor
BitBlt
ExcludeClipRect
SetBkMode
GetStockObject
GetObjectW
CreateFontIndirectW
CreateDIBSection
GdiFlush
DeleteDC
SetBkColor
SelectObject
GetTextExtentPointW
CreateSolidBrush
GetTextExtentPoint32W
DeleteObject

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCreateKeyExW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExA
RegQueryValueExA
DeleteService
ControlService
CreateServiceW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
StartServiceW
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerA
SetServiceStatus
RegCloseKey
RegDeleteValueW
RegSetValueExA
RegOpenKeyExW

shell32

SHGetMalloc
SHGetSpecialFolderPathW
ord190
ord155
ord88
DragQueryFileW
SHFileOperationW
ord73
SHGetDesktopFolder
ShellExecuteA
Shell_NotifyIconW
SHChangeNotify
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoA
CommandLineToArgvW
ShellExecuteExW
SHGetFileInfoW

ole32

CoUninitialize
OleUninitialize
OleInitialize
CoInitializeEx
CoTaskMemFree
CoCreateInstance
OleDuplicateData
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop

shlwapi

SHDeleteKeyW

Sections

.text
Size: 464KB - Virtual size: 464KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8728651f82db62acdfa11d6bb6074453

Headers

File Characteristics

Imports

comctl32

ws2_32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 464KB - Virtual size: 464KB

.rdata Size: 69KB - Virtual size: 68KB

.data Size: 9KB - Virtual size: 17KB

.rsrc Size: 44KB - Virtual size: 44KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 464KB - Virtual size: 464KB

.rdata
Size: 69KB - Virtual size: 68KB

.data
Size: 9KB - Virtual size: 17KB

.rsrc
Size: 44KB - Virtual size: 44KB

.UPX0
Size: 108KB - Virtual size: 260KB