c55bfb42f52548616577a3a96dfd34caeb1b3c8ca04642739a6f6c9b943e7103

General

Target

c55bfb42f52548616577a3a96dfd34caeb1b3c8ca04642739a6f6c9b943e7103
Size

180KB
MD5

91cc538db3fc9c841f384b21d952ee6e
SHA1

a51de0fb92e0495b380eb66e68839b0ca3f38220
SHA256

c55bfb42f52548616577a3a96dfd34caeb1b3c8ca04642739a6f6c9b943e7103
SHA512

7b2c099b3f7369ee4b80f9d8bb86118c887fdae627bb74399076edc7d7a9d9bbf74c73941971f77db8283c2c10f4ee3edf97920971519b289af66767763fbd8a
SSDEEP

3072:mxpelJRgs6vwjzwTm3hMuKPmm5h7kMJn8FMvnix6RklDBhFFL:mxfvssTyfyfkMN8ykX5

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

c55bfb42f52548616577a3a96dfd34caeb1b3c8ca04642739a6f6c9b943e7103
.exe windows x86

95683415d54b93770e1bc3180e3e3e29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
GetCurrentProcess
CloseHandle
GetLastError
Sleep
lstrcpyA
GetModuleFileNameA
GetModuleHandleA
GetExitCodeProcess
CreateProcessA
lstrcatA
GetEnvironmentStringsW
HeapCreate
VirtualFree
ExitProcess
TerminateProcess
GetCommandLineA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetVersion
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
VirtualAlloc
HeapReAlloc
HeapFree
RtlUnwind
WriteFile
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetProcAddress
LoadLibraryA
GetStringTypeA
LCMapStringA
LCMapStringW
GetStringTypeW

user32

WaitForInputIdle

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX0
Size: 144KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

95683415d54b93770e1bc3180e3e3e29

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 10KB

UPX0 Size: 144KB - Virtual size: 380KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 10KB

UPX0
Size: 144KB - Virtual size: 380KB