fd6ffa4f0fd9cb73197e0c331faf0819e56df58c8cc05b52b762fc0653547dbf

Sharing

Copy URL

Twitter E-mail

General

Target

fd6ffa4f0fd9cb73197e0c331faf0819e56df58c8cc05b52b762fc0653547dbf
Size

192KB
MD5

a0d45e534036243eca83d7abeb77b2f1
SHA1

ded248186751c19e90821c5f3c87d9804f476eb1
SHA256

fd6ffa4f0fd9cb73197e0c331faf0819e56df58c8cc05b52b762fc0653547dbf
SHA512

1a5170a463256ef7e7b31d3d7f3a092d7edb91a3592983ec14e27760d831e8a34941373db3c52c42a1209ea4dc685755c4f0a870db7027473208691e9dc465f2
SSDEEP

3072:TE1hHGYofKBjM46AoflJoj4HLzsk3a3KSWqQPdQlcIcgEyHd7NBwWCus:TtKpj6RdDEk3aPWfVQulgEyHdBBaus

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

fd6ffa4f0fd9cb73197e0c331faf0819e56df58c8cc05b52b762fc0653547dbf
.exe windows x86

51815ae292aa3808afaffba3f502e91e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetACP
lstrcpynA
MoveFileA
DeleteFileA
OpenFileMappingA
CreateFileMappingA
OpenEventA
GetTickCount
MapViewOfFile
CloseHandle
WriteFile
SetEvent
SetLastError
GetLastError
CreateEventA
CreateMutexA
lstrlenA
CreateFileA
FreeLibrary
GetProcAddress
UnmapViewOfFile
lstrcpyA
GetCommandLineA
GetVersion
GetModuleHandleA
GetStartupInfoA
ReadFile
SetEndOfFile
FlushFileBuffers
SetFilePointer
HeapReAlloc
SetStdHandle
GetStringTypeW
GetStringTypeA
VirtualAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
InterlockedDecrement
InterlockedIncrement
VirtualFree
HeapCreate
RtlUnwind
GetVersionExA
GetEnvironmentVariableA
HeapDestroy
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsAlloc
GetFileType
GetStdHandle
DeleteCriticalSection
GetEnvironmentStringsW
GetEnvironmentStrings
lstrcatA
LoadLibraryA
SetHandleCount
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetCurrentProcess
ExitProcess
HeapFree
HeapAlloc
InitializeCriticalSection
UnhandledExceptionFilter
TerminateProcess
GetModuleFileNameA
GetOEMCP
EnterCriticalSection
LeaveCriticalSection
GetCPInfo

user32

wsprintfA
wvsprintfA
FindWindowA
SendMessageA
ScreenToClient
GetDlgItem
SetWindowTextA
DestroyIcon
TranslateMessage
GetMessageA
GetSysColor
DispatchMessageA
RegisterClassA
DestroyWindow
LoadIconA
PostQuitMessage
DialogBoxParamA
SetWindowPos
CreateDialogParamA
ChangeMenuA
DefDlgProcA
GetSystemMetrics
SetForegroundWindow
GetSystemMenu
CheckMenuItem
GetWindowLongA
GetDC
AdjustWindowRect
LoadStringA
LoadImageA
DrawIconEx
ShowWindow
MessageBoxA
FillRect
EndDialog
SetWindowLongA
ReleaseDC
GetCursor
SetCursor
GetCursorPos
GetClientRect
LoadCursorA
CallWindowProcA
PtInRect

gdi32

CreateSolidBrush

comdlg32

GetSaveFileNameA

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA

shell32

Shell_NotifyIconA

ole32

CoGetClassObject
CoUninitialize
CoInitialize

msvfw32

DrawDibDraw
DrawDibOpen
DrawDibClose

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 104KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

51815ae292aa3808afaffba3f502e91e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

msvfw32

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 17KB

.data1 Size: 8KB - Virtual size: 5KB

.rsrc Size: 8KB - Virtual size: 6KB

.UPX0 Size: 104KB - Virtual size: 252KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 17KB

.data1
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 8KB - Virtual size: 6KB

.UPX0
Size: 104KB - Virtual size: 252KB