809e1a4e53387a9546a943eea5dc7ae4174bb20d8a33e5bdada233f7b64fcad9

Sharing

Copy URL Twitter E-mail

General

Target

809e1a4e53387a9546a943eea5dc7ae4174bb20d8a33e5bdada233f7b64fcad9
Size

260KB
MD5

4af74a27d2c530763b8eeb8722319360
SHA1

98e42d47d0fbb3c8b1161d6358d7e8a75a635508
SHA256

809e1a4e53387a9546a943eea5dc7ae4174bb20d8a33e5bdada233f7b64fcad9
SHA512

2e8b8e210398dbf6bb9c837fbcc73a87ab79d9a113230a1abf18b552a5b2cf517ab8f3f45dd702e28b71e8c4c55dad7bdbc296d2296cb57f26b89f2c3c3af08d
SSDEEP

6144:FzZSLGcUvjOjSLYChbfIWoHteCCCCwYqvaVYju22Q0ipyHFFGdW:5ZSLGzqalXoNhYqvaVYju22MgvcW

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

809e1a4e53387a9546a943eea5dc7ae4174bb20d8a33e5bdada233f7b64fcad9
.exe windows x86

a38a9e753061cfd0359723477b26e96d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DispatchMessageA
GetDesktopWindow
EnableWindow
IsDlgButtonChecked
GetWindowRect
ScreenToClient
MoveWindow
SendMessageA
DestroyWindow
SetWindowTextA
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
MessageBoxA
DefWindowProcA
PostQuitMessage
GetSystemMenu
RemoveMenu
CharToOemA
GetForegroundWindow
DialogBoxIndirectParamA
SetForegroundWindow
SendDlgItemMessageA
GetDlgItem
SetFocus
GetDlgItemTextA
EndDialog
SetDlgItemTextA
CheckDlgButton

comdlg32

GetOpenFileNameA

kernel32

SetConsoleCtrlHandler
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
FlushFileBuffers
InitializeCriticalSection
GetOEMCP
RtlUnwind
GetStringTypeW
GetStringTypeA
VirtualQuery
GetSystemInfo
VirtualProtect
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
HeapCreate
FindClose
FindFirstFileA
GetDiskFreeSpaceA
GetFullPathNameA
CompareStringA
lstrcpyA
GetDriveTypeA
lstrcatA
GetFileAttributesA
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetACP
lstrlenA
LocalFree
LocalHandle
GetModuleHandleA
LocalAlloc
Sleep
lstrcpynA
FreeLibrary
FindNextFileA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetTempFileNameA
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
GetStdHandle
CreateDirectoryA
SetFileAttributesA
CloseHandle
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateFileA
RemoveDirectoryA
MoveFileA
GetTempPathA
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
SetPriorityClass
GetCurrentProcess
GetLastError
SetFilePointer
GetFileType
ReadFile
HeapAlloc
WriteFile
HeapFree
HeapReAlloc
ExitThread
TlsSetValue
TlsGetValue
ResumeThread
CreateThread
DeleteFileA
GetCommandLineA
GetVersionExA
LCMapStringA
WideCharToMultiByte
LCMapStringW
TlsFree
SetLastError
GetCurrentThreadId
TlsAlloc
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
SetEndOfFile
ExitProcess
TerminateProcess
HeapDestroy

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a38a9e753061cfd0359723477b26e96d

Headers

File Characteristics

Imports

user32

comdlg32

kernel32

Sections

.text Size: 111KB - Virtual size: 110KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 4KB - Virtual size: 56KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 111KB - Virtual size: 110KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 56KB

.UPX0
Size: 108KB - Virtual size: 260KB