1a3fa7558400982ec76f7e9aaf65e1ad99a0b66f6d9beaa64dfaf564225fc765

Sharing

Copy URL

Twitter E-mail

General

Target

1a3fa7558400982ec76f7e9aaf65e1ad99a0b66f6d9beaa64dfaf564225fc765
Size

204KB
MD5

810043764f0cfc4f149a1b50d0c193c3
SHA1

6c0a1ed087ae16fefb53b96c8c82b0c6d102e074
SHA256

1a3fa7558400982ec76f7e9aaf65e1ad99a0b66f6d9beaa64dfaf564225fc765
SHA512

da5490e809bf377d0e18ff8cb93cbfc314bb90c72a8bdf9d692030ea9e5a5a1adfce8e484ab9af024bdc51b1291c3249c884bc3b3e44159388315d2266a54afc
SSDEEP

6144:uOJJzpzdTTjy+rkatvEnzRZxzSvpodWFNP:v7zpzl6+xtvIRZxep1

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

1a3fa7558400982ec76f7e9aaf65e1ad99a0b66f6d9beaa64dfaf564225fc765
.exe windows x86

b83e7ec9a45f52fad5c1b2ff89ca4503

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
PropertySheetA

kernel32

MoveFileA
CreateDirectoryA
FindClose
FindFirstFileA
GetProcAddress
LoadLibraryA
GetVersionExA
FindNextFileA
FreeEnvironmentStringsA
GetEnvironmentStrings
ReadFile
GetModuleHandleA
WriteFile
GetCommandLineA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
CreateFileA
InterlockedExchange
InitializeCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualQuery
GetSystemInfo
VirtualProtect
HeapReAlloc
VirtualAlloc
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
GetStringTypeA
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
SetFilePointer
SetEndOfFile
CloseHandle
GetUserDefaultLCID
GetLocaleInfoA
GetNumberFormatA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetModuleFileNameA
ExpandEnvironmentStringsA
HeapSize
RtlUnwind
GetStartupInfoA
GetACP
GetOEMCP
GetCPInfo
TlsAlloc
SetLastError
GetCurrentThreadId
GetLastError
TlsFree
TlsSetValue
TlsGetValue
HeapFree
HeapAlloc
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
ExitProcess
TerminateProcess
GetCurrentProcess
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType

user32

FillRect
FindWindowExA
GetNextDlgTabItem
CreateWindowExA
GetDlgItemTextA
CheckRadioButton
CheckDlgButton
GetWindowTextA
SetWindowTextA
IsDlgButtonChecked
MessageBoxA
GetSystemMetrics
LoadImageA
GetMessageA
GetActiveWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
DialogBoxParamA
CreateDialogParamA
ShowWindow
ScreenToClient
IsWindowVisible
MoveWindow
EndDialog
SetWindowLongA
GetWindowLongA
GetParent
GetWindowRect
GetDlgItem
SendMessageA
EnableWindow

gdi32

TextOutA
GetBkColor
SetBkColor
DeleteObject
CreateSolidBrush
GetStockObject
SetTextAlign

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b83e7ec9a45f52fad5c1b2ff89ca4503

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 8KB - Virtual size: 6KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 8KB - Virtual size: 6KB

.UPX0
Size: 108KB - Virtual size: 260KB