b055db4205bc1a3f46eded5f9be8fa8d6e041b9ce8c799144d007afbbef6bd87

Sharing

Copy URL

Twitter E-mail

General

Target

b055db4205bc1a3f46eded5f9be8fa8d6e041b9ce8c799144d007afbbef6bd87
Size

160KB
MD5

91c40177d27ef175e2dfe9b9bcffd8eb
SHA1

6819ceae8611c75fa79140bc78a820bc67e56895
SHA256

b055db4205bc1a3f46eded5f9be8fa8d6e041b9ce8c799144d007afbbef6bd87
SHA512

21f0589bb5348d7d027229a5f7569a792db5fbee9ec671fff70d26a8c6f6b6bc2b5c70370bb742f09a853a99f83907fe83d88c7dbd845ddf6981ab40aa9586f5
SSDEEP

3072:2mTZUum2eXa9CRdhc3Ipf4o+nsBNdA0r1zxXmTPvjf8W4wUUG0KrP3aHe2LAfllW:/ZUUeXa0REMLBNdPGL84UPK+2LQm

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

b055db4205bc1a3f46eded5f9be8fa8d6e041b9ce8c799144d007afbbef6bd87
.exe windows x86

6880112ddc91bea002feb7aef712109a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
DeleteFileW
CreateFileW
SetFilePointer
ExitProcess
lstrlenW
lstrcpyW
lstrcatW
CreateEventW
CreateThread
lstrcmpiW
lstrcmpW
AllocConsole
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetEvent
CloseHandle
CreateDirectoryW
GetSystemDirectoryW
GetLocalTime
UnlockFile
WriteFile
CreateEventA
LockFile
FormatMessageA
lstrcatA
lstrcpyA
lstrlenA
GetLastError
GetStdHandle
FlushFileBuffers
GetCommandLineW
HeapAlloc
HeapCreate
VirtualAlloc
GetSystemInfo
HeapDestroy
GlobalFree
VirtualFree
InterlockedExchange
SwitchToThread
InterlockedCompareExchange
HeapFree
TerminateThread
ResumeThread
DuplicateHandle
GetCurrentProcess
FreeEnvironmentStringsW
SetStdHandle
WaitForMultipleObjects
TerminateProcess
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
CreateProcessW
OutputDebugStringW
GetEnvironmentStringsW
ReadFile
SetHandleInformation
CreatePipe
GetVersionExA
GetEnvironmentVariableW
ExpandEnvironmentStringsW
LocalFree
LocalAlloc
FreeLibrary
LoadLibraryExW
SetErrorMode
GetExitCodeThread
SetEnvironmentVariableW
GetModuleFileNameW
GetTickCount
GetSystemTimeAsFileTime
WaitForSingleObject
GenerateConsoleCtrlEvent
ResetEvent
Sleep
ExitThread

user32

wsprintfW
wsprintfA
wvsprintfA
FindWindowW
SendMessageA
MessageBoxA
WaitForInputIdle
IsCharAlphaNumericW

advapi32

SetSecurityDescriptorDacl
ImpersonateLoggedOnUser
DuplicateTokenEx
LogonUserW
CreateProcessAsUserW
InitializeSecurityDescriptor
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegDeleteValueW
OpenSCManagerA
CloseServiceHandle
QueryServiceConfigW
OpenServiceW
QueryServiceStatus
SetServiceStatus
RegisterServiceCtrlHandlerW
StartServiceCtrlDispatcherW
DeleteService
CreateServiceW
StartServiceA
ControlService
ChangeServiceConfigA
ChangeServiceConfigW

msvcrt

__p___initenv
setvbuf
_fdopen
_open_osfhandle
fclose
fputc
_iob
fflush
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_exit
exit
_XcptFilter
_wputenv

shell32

CommandLineToArgvW

shlwapi

SHDeleteKeyW
SHDeleteEmptyKeyW

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6880112ddc91bea002feb7aef712109a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

shell32

shlwapi

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 2KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 2KB

.UPX0
Size: 108KB - Virtual size: 260KB