ec9d0e49dbdd498c897d4d0fe331d4cbe6f66765e8c973c6fdaba616e804e6f3

Sharing

Copy URL Twitter E-mail

General

Target

ec9d0e49dbdd498c897d4d0fe331d4cbe6f66765e8c973c6fdaba616e804e6f3
Size

704KB
MD5

3570f058936ba08ab67f411bc4bc90ed
SHA1

44335bfe819e8c9a64ce8e0d79e55926d091b9f0
SHA256

ec9d0e49dbdd498c897d4d0fe331d4cbe6f66765e8c973c6fdaba616e804e6f3
SHA512

f6026e681d4fdb19add9cf422626f7657dca1b1ab92beb8374f416896489cde905e5df8a850a12850718cc1aecf758d4c25ff1d47ac283b1a86f27ca76325c44
SSDEEP

12288:EUtP7Jmf5H05fcQ5n1kWWreMTJVGRizzgrG/m+QOL+jDjkb1FdtvVXjCmh4xZ:a4p1kn/GRizzgrG/m0+ja1v7GY4H

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/249817@_Sig551_2krat_45sens.exe	upx

Files

ec9d0e49dbdd498c897d4d0fe331d4cbe6f66765e8c973c6fdaba616e804e6f3
.zip
249817@_Sig551_2krat_45sens.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 700KB - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

@$xp$10TCCalendar
@$xp$10TGraphKind
@$xp$11TCGaugeKind
@$xp$17TPerformanceGraph
@$xp$18Cdiroutl@TTextCase
@$xp$26Idantifreeze@TIdAntiFreeze
@$xp$27Cdiroutl@TCDirectoryOutline
@$xp$7TCGauge
@$xp$ynpqqrp14System@TObject$v
@$xp$ynpqqrp14System@TObjecti$v
@@Ccalendr@Finalize
@@Ccalendr@Initialize
@@Cdiroutl@Finalize
@@Cdiroutl@Initialize
@@Cgauges@Finalize
@@Cgauges@Initialize
@@Perfgrap@Finalize
@@Perfgrap@Initialize
@@Unit1@Finalize
@@Unit1@Initialize
@@Unit2@Finalize
@@Unit2@Initialize
@@Unit3@Finalize
@@Unit3@Initialize
@Cdiroutl@TCDirectoryOutline@
@Cdiroutl@TCDirectoryOutline@$bctr$qqrp18Classes@TComponent
@Cdiroutl@TCDirectoryOutline@$bctr$qqrp6HWND__
@Cdiroutl@TCDirectoryOutline@APointer
@Cdiroutl@TCDirectoryOutline@AssignCaseProc$qqrv
@Cdiroutl@TCDirectoryOutline@BuildOneLevel$qqrl
@Cdiroutl@TCDirectoryOutline@BuildSubTree$qqrl
@Cdiroutl@TCDirectoryOutline@BuildTree$qqrv
@Cdiroutl@TCDirectoryOutline@Change$qqrv
@Cdiroutl@TCDirectoryOutline@Click$qqrv
@Cdiroutl@TCDirectoryOutline@CreateWnd$qqrv
@Cdiroutl@TCDirectoryOutline@CurDir$qv
@Cdiroutl@TCDirectoryOutline@DriveToInt$qqrc
@Cdiroutl@TCDirectoryOutline@Expand$qqri
@Cdiroutl@TCDirectoryOutline@ForceCase$qqrrx20System@UnicodeString
@Cdiroutl@TCDirectoryOutline@GetChildNamed$qqrrx20System@UnicodeStringl
@Cdiroutl@TCDirectoryOutline@InvalidIndex
@Cdiroutl@TCDirectoryOutline@Loaded$qqrv
@Cdiroutl@TCDirectoryOutline@RootIndex
@Cdiroutl@TCDirectoryOutline@SetDirectory$qqr20System@UnicodeString
@Cdiroutl@TCDirectoryOutline@SetDrive$qqrc
@Cdiroutl@TCDirectoryOutline@SetTextCase$qqr18Cdiroutl@TTextCase
@Cdiroutl@TCDirectoryOutline@WalkTree$qqrrx20System@UnicodeString
@Idantifreeze@Finalization$qqrv
@Idantifreeze@TIdAntiFreeze@
@Idantifreeze@TIdAntiFreeze@Process$qqrv
@Idantifreeze@initialization$qqrv
@TCCalendar@
@TCCalendar@$bctr$qqrp18Classes@TComponent
@TCCalendar@$bctr$qqrp6HWND__
@TCCalendar@Change$qqrv
@TCCalendar@ChangeMonth$qqri
@TCCalendar@Click$qqrv
@TCCalendar@DaysPerMonth$qqrii
@TCCalendar@DaysThisMonth$qqrv
@TCCalendar@Dispatch$qqrpv
@TCCalendar@DrawCell$qqriirx11Types@TRect42System@%Set$t14Grids@Grids__3$iuc$0$iuc$5%
@TCCalendar@GetCellText$qqrii
@TCCalendar@GetDateElement$qqri
@TCCalendar@IsLeapYear$qqri
@TCCalendar@NextMonth$qqrv
@TCCalendar@NextYear$qqrv
@TCCalendar@PrevMonth$qqrv
@TCCalendar@PrevYear$qqrv
@TCCalendar@SeTCCalendarDate$qqr16System@TDateTime
@TCCalendar@SelectCell$qqrii
@TCCalendar@SetDateElement$qqrii
@TCCalendar@SetStartOfWeek$qqrs
@TCCalendar@SetUseCurrentDate$qqro
@TCCalendar@StoreCalendarDate$qqrv
@TCCalendar@UpdateCalendar$qqrv
@TCCalendar@WMSize$qqrr16Messages@TWMSize
@TCGauge@
@TCGauge@$bctr$qqrp18Classes@TComponent
@TCGauge@AddProgress$qqrl
@TCGauge@GetPercentDone$qqrv
@TCGauge@Paint$qqrv
@TCGauge@PaintAsBar$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintAsNeedle$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintAsNothing$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintAsPie$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintAsText$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintBackground$qqrp16Graphics@TBitmap
@TCGauge@SeTCGaugeKind$qqr11TCGaugeKind
@TCGauge@SetBackColor$qqr15Graphics@TColor
@TCGauge@SetBorderStyle$qqr22Forms@TFormBorderStyle
@TCGauge@SetForeColor$qqr15Graphics@TColor
@TCGauge@SetMaxValue$qqrl
@TCGauge@SetMinValue$qqrl
@TCGauge@SetProgress$qqrl
@TCGauge@SetShowText$qqro
@TPerformanceGraph@
@TPerformanceGraph@$bctr$qqrp18Classes@TComponent
@TPerformanceGraph@$bdtr$qqrv
@TPerformanceGraph@CountY$qqrv
@TPerformanceGraph@DataPoint$qqr15Graphics@TColorl
@TPerformanceGraph@DisplayPoints$qqrl
@TPerformanceGraph@FirstY$qqrv
@TPerformanceGraph@GetBandCount$qqrv
@TPerformanceGraph@Initialize$qqrl
@TPerformanceGraph@LastY$qqri
@TPerformanceGraph@NextY$qqri
@TPerformanceGraph@Paint$qqrv
@TPerformanceGraph@PaintBar$qqr15Graphics@TColorll
@TPerformanceGraph@PaintLine$qqr15Graphics@TColorll
@TPerformanceGraph@ReallocHistory$qqrv
@TPerformanceGraph@Replay$qqrv
@TPerformanceGraph@RoundUp$qqrll
@TPerformanceGraph@ScrollGraph$qqrv
@TPerformanceGraph@SetBackColor$qqr15Graphics@TColor
@TPerformanceGraph@SetForeColor$qqr15Graphics@TColor
@TPerformanceGraph@SetGradient$qqrl
@TPerformanceGraph@SetGraphKind$qqr10TGraphKind
@TPerformanceGraph@SetGridSize$qqrl
@TPerformanceGraph@SetGridlines$qqro
@TPerformanceGraph@SetPenWidth$qqrl
@TPerformanceGraph@SetScale$qqrl
@TPerformanceGraph@SetStepSize$qqrl
@TPerformanceGraph@ShiftY$qqrv
@TPerformanceGraph@Update$qqrv
_Form1
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 141KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 132KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.5MB

UPX1 Size: 700KB - Virtual size: 700KB

.rsrc Size: 71KB - Virtual size: 72KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.data Size: 74KB - Virtual size: 116KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 13KB - Virtual size: 16KB

.didata Size: 1024B - Virtual size: 4KB

.edata Size: 6KB - Virtual size: 8KB

.rsrc Size: 141KB - Virtual size: 144KB

.reloc Size: 132KB - Virtual size: 136KB

UPX0
Size: - Virtual size: 1.5MB

UPX1
Size: 700KB - Virtual size: 700KB

.rsrc
Size: 71KB - Virtual size: 72KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 74KB - Virtual size: 116KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 13KB - Virtual size: 16KB

.didata
Size: 1024B - Virtual size: 4KB

.edata
Size: 6KB - Virtual size: 8KB

.rsrc
Size: 141KB - Virtual size: 144KB

.reloc
Size: 132KB - Virtual size: 136KB