cffe3af7157aaa84f9c0da88f9d04bc4da77d99a5fe16c2f45893f2920ac54db

Sharing

Copy URL Twitter E-mail

General

Target

cffe3af7157aaa84f9c0da88f9d04bc4da77d99a5fe16c2f45893f2920ac54db
Size

703KB
MD5

c22d76e1a66894c1a80934b0c8216fbd
SHA1

ef45b950a74305ea0a2ab67af8a91afdc3971816
SHA256

cffe3af7157aaa84f9c0da88f9d04bc4da77d99a5fe16c2f45893f2920ac54db
SHA512

5969d07abfcc15d3b39263f328f7fb09ab2fde0179a9e4f2ce8e6f5600bd0ce08dc0fb03bfba386e95d30c9c5c8c77c183169cf25efa910a25356b38696310fa
SSDEEP

12288:F37F+eTscu5hzWrLp4nc5FVR0XrKAkoEHCWe9z+zhTlqW0599HL6nFaJtl:F3tgcu5hztAVKrViHCWe9AhTQW0/FLmI

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/141026@__VkDuty_394[Chemodan].exe	upx

Files

cffe3af7157aaa84f9c0da88f9d04bc4da77d99a5fe16c2f45893f2920ac54db
.zip
141026@__VkDuty_394[Chemodan].exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 699KB - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

@$xp$10TCCalendar
@$xp$10TGraphKind
@$xp$11TCGaugeKind
@$xp$17TPerformanceGraph
@$xp$18Cdiroutl@TTextCase
@$xp$26Idantifreeze@TIdAntiFreeze
@$xp$27Cdiroutl@TCDirectoryOutline
@$xp$7TCGauge
@$xp$ynpqqrp14System@TObject$v
@$xp$ynpqqrp14System@TObjecti$v
@@Ccalendr@Finalize
@@Ccalendr@Initialize
@@Cdiroutl@Finalize
@@Cdiroutl@Initialize
@@Cgauges@Finalize
@@Cgauges@Initialize
@@Perfgrap@Finalize
@@Perfgrap@Initialize
@@Unit1@Finalize
@@Unit1@Initialize
@@Unit2@Finalize
@@Unit2@Initialize
@@Unit3@Finalize
@@Unit3@Initialize
@Cdiroutl@TCDirectoryOutline@
@Cdiroutl@TCDirectoryOutline@$bctr$qqrp18Classes@TComponent
@Cdiroutl@TCDirectoryOutline@$bctr$qqrp6HWND__
@Cdiroutl@TCDirectoryOutline@APointer
@Cdiroutl@TCDirectoryOutline@AssignCaseProc$qqrv
@Cdiroutl@TCDirectoryOutline@BuildOneLevel$qqrl
@Cdiroutl@TCDirectoryOutline@BuildSubTree$qqrl
@Cdiroutl@TCDirectoryOutline@BuildTree$qqrv
@Cdiroutl@TCDirectoryOutline@Change$qqrv
@Cdiroutl@TCDirectoryOutline@Click$qqrv
@Cdiroutl@TCDirectoryOutline@CreateWnd$qqrv
@Cdiroutl@TCDirectoryOutline@CurDir$qv
@Cdiroutl@TCDirectoryOutline@DriveToInt$qqrc
@Cdiroutl@TCDirectoryOutline@Expand$qqri
@Cdiroutl@TCDirectoryOutline@ForceCase$qqrrx20System@UnicodeString
@Cdiroutl@TCDirectoryOutline@GetChildNamed$qqrrx20System@UnicodeStringl
@Cdiroutl@TCDirectoryOutline@InvalidIndex
@Cdiroutl@TCDirectoryOutline@Loaded$qqrv
@Cdiroutl@TCDirectoryOutline@RootIndex
@Cdiroutl@TCDirectoryOutline@SetDirectory$qqr20System@UnicodeString
@Cdiroutl@TCDirectoryOutline@SetDrive$qqrc
@Cdiroutl@TCDirectoryOutline@SetTextCase$qqr18Cdiroutl@TTextCase
@Cdiroutl@TCDirectoryOutline@WalkTree$qqrrx20System@UnicodeString
@Idantifreeze@Finalization$qqrv
@Idantifreeze@TIdAntiFreeze@
@Idantifreeze@TIdAntiFreeze@Process$qqrv
@Idantifreeze@initialization$qqrv
@TCCalendar@
@TCCalendar@$bctr$qqrp18Classes@TComponent
@TCCalendar@$bctr$qqrp6HWND__
@TCCalendar@Change$qqrv
@TCCalendar@ChangeMonth$qqri
@TCCalendar@Click$qqrv
@TCCalendar@DaysPerMonth$qqrii
@TCCalendar@DaysThisMonth$qqrv
@TCCalendar@Dispatch$qqrpv
@TCCalendar@DrawCell$qqriirx11Types@TRect42System@%Set$t14Grids@Grids__3$iuc$0$iuc$5%
@TCCalendar@GetCellText$qqrii
@TCCalendar@GetDateElement$qqri
@TCCalendar@IsLeapYear$qqri
@TCCalendar@NextMonth$qqrv
@TCCalendar@NextYear$qqrv
@TCCalendar@PrevMonth$qqrv
@TCCalendar@PrevYear$qqrv
@TCCalendar@SeTCCalendarDate$qqr16System@TDateTime
@TCCalendar@SelectCell$qqrii
@TCCalendar@SetDateElement$qqrii
@TCCalendar@SetStartOfWeek$qqrs
@TCCalendar@SetUseCurrentDate$qqro
@TCCalendar@StoreCalendarDate$qqrv
@TCCalendar@UpdateCalendar$qqrv
@TCCalendar@WMSize$qqrr16Messages@TWMSize
@TCGauge@
@TCGauge@$bctr$qqrp18Classes@TComponent
@TCGauge@AddProgress$qqrl
@TCGauge@GetPercentDone$qqrv
@TCGauge@Paint$qqrv
@TCGauge@PaintAsBar$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintAsNeedle$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintAsNothing$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintAsPie$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintAsText$qqrp16Graphics@TBitmaprx11Types@TRect
@TCGauge@PaintBackground$qqrp16Graphics@TBitmap
@TCGauge@SeTCGaugeKind$qqr11TCGaugeKind
@TCGauge@SetBackColor$qqr15Graphics@TColor
@TCGauge@SetBorderStyle$qqr22Forms@TFormBorderStyle
@TCGauge@SetForeColor$qqr15Graphics@TColor
@TCGauge@SetMaxValue$qqrl
@TCGauge@SetMinValue$qqrl
@TCGauge@SetProgress$qqrl
@TCGauge@SetShowText$qqro
@TPerformanceGraph@
@TPerformanceGraph@$bctr$qqrp18Classes@TComponent
@TPerformanceGraph@$bdtr$qqrv
@TPerformanceGraph@CountY$qqrv
@TPerformanceGraph@DataPoint$qqr15Graphics@TColorl
@TPerformanceGraph@DisplayPoints$qqrl
@TPerformanceGraph@FirstY$qqrv
@TPerformanceGraph@GetBandCount$qqrv
@TPerformanceGraph@Initialize$qqrl
@TPerformanceGraph@LastY$qqri
@TPerformanceGraph@NextY$qqri
@TPerformanceGraph@Paint$qqrv
@TPerformanceGraph@PaintBar$qqr15Graphics@TColorll
@TPerformanceGraph@PaintLine$qqr15Graphics@TColorll
@TPerformanceGraph@ReallocHistory$qqrv
@TPerformanceGraph@Replay$qqrv
@TPerformanceGraph@RoundUp$qqrll
@TPerformanceGraph@ScrollGraph$qqrv
@TPerformanceGraph@SetBackColor$qqr15Graphics@TColor
@TPerformanceGraph@SetForeColor$qqr15Graphics@TColor
@TPerformanceGraph@SetGradient$qqrl
@TPerformanceGraph@SetGraphKind$qqr10TGraphKind
@TPerformanceGraph@SetGridSize$qqrl
@TPerformanceGraph@SetGridlines$qqro
@TPerformanceGraph@SetPenWidth$qqrl
@TPerformanceGraph@SetScale$qqrl
@TPerformanceGraph@SetStepSize$qqrl
@TPerformanceGraph@ShiftY$qqrv
@TPerformanceGraph@Update$qqrv
_Form1
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 141KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 132KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.5MB

UPX1 Size: 699KB - Virtual size: 700KB

.rsrc Size: 71KB - Virtual size: 72KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.data Size: 74KB - Virtual size: 116KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 13KB - Virtual size: 16KB

.didata Size: 1024B - Virtual size: 4KB

.edata Size: 6KB - Virtual size: 8KB

.rsrc Size: 141KB - Virtual size: 144KB

.reloc Size: 132KB - Virtual size: 136KB

UPX0
Size: - Virtual size: 1.5MB

UPX1
Size: 699KB - Virtual size: 700KB

.rsrc
Size: 71KB - Virtual size: 72KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 74KB - Virtual size: 116KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 13KB - Virtual size: 16KB

.didata
Size: 1024B - Virtual size: 4KB

.edata
Size: 6KB - Virtual size: 8KB

.rsrc
Size: 141KB - Virtual size: 144KB

.reloc
Size: 132KB - Virtual size: 136KB