c3798d27f52886557e830694ce7bab7ba4c53a13530843d87099c6f0e4d33f2b

Sharing

Copy URL

Twitter E-mail

General

Target

c3798d27f52886557e830694ce7bab7ba4c53a13530843d87099c6f0e4d33f2b
Size

192KB
MD5

6ec4b585ed8de1863cd551da203d076c
SHA1

1d3cf2f8dce43f8675ec3bda60b481ce0e861c71
SHA256

c3798d27f52886557e830694ce7bab7ba4c53a13530843d87099c6f0e4d33f2b
SHA512

703e81313b0384c488eed1ca928cec5cbe86e594f437149985f1495eb60a7ecf1909995d45fc6117990eb24b37acf865f389644f4561b00a87cc83d3d8fe9427
SSDEEP

3072:XbUC0zXfm8TgTX46YUKDuGVApxTr3Mnm3AtG/dduXjHCHlwSHhVagafnbw7dVF//:XYCOXfUmApxTr3Mnj2oXjslwSHhVagaV

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

c3798d27f52886557e830694ce7bab7ba4c53a13530843d87099c6f0e4d33f2b
.exe windows x86

e688aa41be4596de907529171fd716dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

avifil32

AVIFileInit
AVIFileGetStream
AVIGetFromClipboard
AVIFileExit
AVIFileOpenA
CreateEditableStream
AVIStreamGetFrame
EditStreamSetNameA
AVIClearClipboard
AVIPutFileOnClipboard
AVIMakeFileFromStreams
EditStreamClone
EditStreamCut
EditStreamCopy
AVIStreamRelease
AVISaveVA
AVIBuildFilterA
AVISaveOptions
AVIFileRelease
AVISaveOptionsFree
AVIStreamGetFrameOpen
AVIStreamGetFrameClose
EditStreamPaste
AVIStreamStart
AVIStreamTimeToSample
AVIStreamLength
AVIStreamRead
AVIStreamSampleToTime
AVIStreamInfoA
EditStreamSetInfoA
AVIStreamReadFormat

msvfw32

DrawDibClose
DrawDibOpen
DrawDibRealize
GetOpenFileNamePreviewA
DrawDibDraw
ord2

winmm

timeGetTime
waveInStart
waveInStop
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInUnprepareHeader
waveInReset
waveInClose
waveOutUnprepareHeader
waveOutClose
waveOutReset
waveOutPause
waveOutRestart
waveOutWrite
waveOutGetPosition
waveOutOpen
sndPlaySoundA
waveOutPrepareHeader

kernel32

GlobalFree
GlobalAlloc
GlobalReAlloc
GlobalSize
lstrcpyA
lstrlenA
CopyFileA
DeleteFileA
SetFileAttributesA
GetFileAttributesA
GetWindowsDirectoryA
ReadFile
CreateThread
CreateFileA
TerminateThread
WaitForSingleObject
CloseHandle
WriteFile
GlobalUnlock
GlobalLock
GetModuleFileNameA
Sleep
SetConsoleCtrlHandler
LocalFree
FormatMessageA
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
GetProcAddress
LoadLibraryA
GetStringTypeA
GetStringTypeW
FlushFileBuffers
SetStdHandle
GetFileType
GlobalHandle
HeapCreate
HeapFree
GetLastError
LCMapStringA
MultiByteToWideChar
HeapAlloc
VirtualAlloc
LCMapStringW
VirtualFree
RtlUnwind
GetEnvironmentVariableA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
TerminateProcess
ExitProcess
HeapDestroy
GetVersionExA

user32

SetDlgItemInt
DefDlgProcA
SendDlgItemMessageA
EndDialog
DialogBoxParamA
wvsprintfA
KillTimer
SetTimer
LoadIconA
RegisterClassA
CreateWindowExA
ShowWindow
SetActiveWindow
SetWindowTextA
EnableMenuItem
ModifyMenuA
SetScrollRange
SetScrollPos
SetDlgItemTextA
GetDlgItemInt
EndPaint
LoadStringA
InflateRect
FrameRect
wsprintfA
GetSysColor
PeekMessageA
TranslateMessage
DispatchMessageA
InvalidateRect
LoadCursorA
SetCursor
PostMessageA
DefWindowProcA
GetAsyncKeyState
GetClipboardOwner
OpenClipboard
EmptyClipboard
CloseClipboard
PostQuitMessage
GetClientRect
GetDlgItemTextA
BeginPaint
CheckMenuItem
GetParent
CallWindowProcA
GetWindowTextA
DestroyWindow
GetWindowLongA
SetWindowLongA
SetFocus
TranslateAcceleratorA
SendMessageA
UpdateWindow
WaitMessage
MessageBeep
MessageBoxA
GetDC
ReleaseDC
GetScrollPos
LoadAcceleratorsA

gdi32

PatBlt
SelectObject
SetBkColor
DeleteObject
CreateSolidBrush
ExtTextOutA
GetStockObject
GetBkColor
TextOutA
ExcludeClipRect

comdlg32

GetSaveFileNameA

advapi32

DeleteService
CloseServiceHandle
RegisterEventSourceA
ReportEventA
DeregisterEventSource
SetServiceStatus
StartServiceCtrlDispatcherA
RegOpenKeyA
OpenServiceA
RegisterServiceCtrlHandlerA
ControlService
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
QueryServiceStatus
RegCloseKey
CreateServiceA
OpenSCManagerA

shell32

DragQueryFileA
DragFinish
DragAcceptFiles

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e688aa41be4596de907529171fd716dc

Headers

File Characteristics

Imports

avifil32

msvfw32

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 21KB

.rsrc Size: 8KB - Virtual size: 6KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 21KB

.rsrc
Size: 8KB - Virtual size: 6KB

.UPX0
Size: 108KB - Virtual size: 260KB