41136529091af499f54b0546ed7acf1ef2047af3ffcfa8242c12a82bf764c235

Sharing

Copy URL

Twitter E-mail

General

Target

41136529091af499f54b0546ed7acf1ef2047af3ffcfa8242c12a82bf764c235
Size

140KB
MD5

9624dcda5999b9d36cf78dc9f4d8358d
SHA1

206f74c0f70a70450f52cba6466e85f42f5d37ba
SHA256

41136529091af499f54b0546ed7acf1ef2047af3ffcfa8242c12a82bf764c235
SHA512

dc9993adc918b47efbab827b6a09e034446a148d5a1fb967edd90407e5c172cec724a255c44a1314da66b9432915833438bf126fa8305b22a4d0ef621f7c5981
SSDEEP

3072:xt4WCbOzM+EJ3WR71i5/Cxp7ch7CbhlA7R4LWCqW4mZibIG8dp4:xt4WCbOzM+EMu/Cxp7chChlAyLWCDCIq

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

41136529091af499f54b0546ed7acf1ef2047af3ffcfa8242c12a82bf764c235
.exe windows x86

2b5e5523a207bf211624fe5fd910f546

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comdlg32

GetOpenFileNameA

msacm32

acmFormatChooseA
acmMetrics

msvcrt

__p__fmode
_XcptFilter
exit
_controlfp
_except_handler3
__set_app_type
_initterm
__p__commode
_adjust_fdiv
__setusermatherr
_exit
atof
sprintf
atol
_ftol
__getmainargs
__p__acmdln

winmm

timeGetTime

kernel32

WideCharToMultiByte
GlobalLock
GlobalHandle
lstrcatA
GetStartupInfoA
GetModuleHandleA
CreateFileA
GetFileSize
CloseHandle
GetFullPathNameA
LoadLibraryA
GetProcAddress
FreeLibrary
MulDiv
GetDiskFreeSpaceA
lstrlenA
lstrcpyA
GetProfileIntA
GetProfileStringA
WriteProfileStringA
MultiByteToWideChar
GlobalFree
GlobalUnlock
GlobalAlloc
OpenFile
lstrcpynA

user32

TranslateMessage
PeekMessageA
DefWindowProcA
DispatchMessageA
wsprintfA
GetAsyncKeyState
CheckMenuItem
EnableMenuItem
EndPaint
BeginPaint
PostQuitMessage
MoveWindow
GetSystemMetrics
GetClientRect
SetWindowPos
GetWindowRect
InvalidateRect
SetTimer
KillTimer
AppendMenuA
RemoveMenu
GetSubMenu
GetMenu
DialogBoxParamA
PostMessageA
MessageBoxA
WaitMessage
EndDialog
UpdateWindow
EnableWindow
MessageBeep
SetFocus
GetDlgItem
SetDlgItemInt
GetDlgItemInt
SetDlgItemTextA
IsCharAlphaNumericA
IsCharAlphaA
GetDlgItemTextA
CheckDlgButton
IsDlgButtonChecked
GetSysColor
LoadStringA
GetWindowLongA
GetWindowTextA
LoadAcceleratorsA
RegisterClassA
GetDC
ReleaseDC
CreateWindowExA
ShowWindow
SetWindowTextA
wvsprintfA
LoadCursorA
LoadIconA
TranslateAcceleratorA

gdi32

SetBkColor
CreateFontA
SetTextColor
SelectObject
GetStockObject
ExtTextOutA
CreateSolidBrush
DeleteObject
PatBlt
GetTextMetricsA

ole32

CoInitialize
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoTaskMemAlloc

olepro32

ord250

oleaut32

SysFreeString

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b5e5523a207bf211624fe5fd910f546

Headers

File Characteristics

Imports

comdlg32

msacm32

msvcrt

winmm

kernel32

user32

gdi32

ole32

olepro32

oleaut32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 4KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 4KB

.UPX0
Size: 108KB - Virtual size: 260KB