f39101535db98e9c240c374a83e8af9395160f5bad90bc8b71a028f803b84d22

Sharing

Copy URL Twitter E-mail

General

Target

f39101535db98e9c240c374a83e8af9395160f5bad90bc8b71a028f803b84d22
Size

407KB
MD5

485089f897679ea232adbbf1f7ad23a0
SHA1

e3bd42b3f7dc9b880d59ea85f8e2551d5171295c
SHA256

f39101535db98e9c240c374a83e8af9395160f5bad90bc8b71a028f803b84d22
SHA512

15d9bca2a0ba55a6ea2f2cbf98696719477964d2fbf454675400460260c2147a91a834fe5c62052ca405831e767b3b61422745939ed9aac5f7c6303f43b781c8
SSDEEP

6144:FPDRrOpaOzOziasW6wMaWZJlMItbsdVew3CQWx+LDxQVIRQZQ:JDkZdKvMaqfrxsdEiCQWSt6

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

f39101535db98e9c240c374a83e8af9395160f5bad90bc8b71a028f803b84d22
.exe windows x86

03557481bc3b99c7677b9a5bc55cb9e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DosDateTimeToFileTime
GetPrivateProfileStringA
GetCurrentProcess
LocalFileTimeToFileTime
SetFileTime
MoveFileExA
SetFilePointer
WriteFile
MoveFileA
GetFileAttributesA
lstrcmpA
SetEndOfFile
lstrcpynA
GetLocalTime
SetCurrentDirectoryA
GetDriveTypeA
GetDiskFreeSpaceA
CreateDirectoryA
GetLastError
GetCurrentThread
GetCurrentDirectoryA
GlobalReAlloc
FileTimeToLocalFileTime
GetFileTime
FileTimeToDosDateTime
GetPrivateProfileSectionA
SetFileAttributesA
DeleteFileA
FindNextFileA
FindClose
WinExec
Sleep
GetModuleFileNameA
GetSystemDefaultLCID
MulDiv
GetWindowsDirectoryA
GetTickCount
lstrcatA
lstrcmpiA
lstrlenA
lstrcpyA
CreateFileA
GetFileSize
GlobalAlloc
CloseHandle
GlobalLock
ReadFile
GlobalUnlock
GetModuleHandleA
GetSystemInfo
FindResourceA
LoadResource
SizeofResource
FreeResource
LockResource
OpenFile
_hwrite
_lclose
GetVersion
IsDBCSLeadByte
GetSystemDirectoryA
WriteProfileSectionA
WritePrivateProfileSectionA
WritePrivateProfileStringA
GlobalCompact
WriteProfileStringA
GetFileType
LCMapStringA
GetProfileSectionA
GlobalHandle
SetErrorMode
GlobalFree
LoadLibraryA
GetProcAddress
FreeLibrary
FindFirstFileA
RemoveDirectoryA
RtlUnwind
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
MultiByteToWideChar
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetSystemTime
GetTimeZoneInformation
ExitProcess
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
LCMapStringW
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapReAlloc

user32

SetDlgItemTextA
LoadStringA
MessageBoxA
EndDialog
DialogBoxParamA
wsprintfA
PeekMessageA
SendDlgItemMessageA
BeginPaint
EndPaint
DefWindowProcA
LoadCursorA
GetClassInfoA
OemToCharA
KillTimer
PostQuitMessage
RegisterClassA
GetSysColor
IsDialogMessageA
CharLowerA
CreateWindowExA
EnableWindow
GetWindow
GetClassNameA
CharUpperA
GetWindowTextA
GetDlgItem
SendMessageA
PostMessageA
SetWindowTextA
GetSystemMetrics
SetWindowPos
ShowWindow
UpdateWindow
SetFocus
IsWindow
RegisterWindowMessageA
GetDC
ReleaseDC
ScreenToClient
SetTimer
LoadIconA
DestroyWindow
LoadBitmapA
CreateDialogParamA
InvalidateRect
IsWindowVisible
CharNextA
InflateRect
CharPrevA
CharToOemA
DdeGetData
DdeFreeDataHandle
DdeConnect
DdeClientTransaction
DdeGetLastError
DdeDisconnect
DdeFreeStringHandle
DdeUninitialize
DdeInitializeA
DdeCreateStringHandleA
ExitWindowsEx
FindWindowA
GetClientRect
FillRect
SetRect
SetRectEmpty
GetWindowLongA
GetWindowRect
DispatchMessageA
TranslateMessage
MessageBeep

gdi32

CreateDIBitmap
SelectPalette
GetDeviceCaps
CreatePalette
GetSystemPaletteEntries
LineTo
MoveToEx
DeleteObject
CreatePen
CreateFontIndirectA
GetObjectA
DeleteDC
BitBlt
CreateCompatibleDC
RestoreDC
Rectangle
GetStockObject
CreateSolidBrush
IntersectClipRect
SaveDC
CreateCompatibleBitmap
SetBkColor
CreateBitmap
SetPixel
GetTextExtentPointA
SelectObject
RealizePalette

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

AllocateAndInitializeSid
RegCloseKey
RegConnectRegistryA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
OpenSCManagerA
FreeSid
RegCreateKeyExA
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegEnumValueA
EqualSid
GetTokenInformation
OpenThreadToken

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

03557481bc3b99c7677b9a5bc55cb9e1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

version

Sections

.text Size: 125KB - Virtual size: 124KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 14KB - Virtual size: 18KB

.rsrc Size: 152KB - Virtual size: 151KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 125KB - Virtual size: 124KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 14KB - Virtual size: 18KB

.rsrc
Size: 152KB - Virtual size: 151KB

.UPX0
Size: 108KB - Virtual size: 260KB