381dc50dbabe5722a20ac36e17bcacafeb0f1cbe8ec2e992eeeaeaa6e2814cc4

General

Target

381dc50dbabe5722a20ac36e17bcacafeb0f1cbe8ec2e992eeeaeaa6e2814cc4
Size

118KB
MD5

a0addd7d1ed2f4bc46e3deba6a248031
SHA1

86f7a3444b4ae5d4df90f7d12805112171779de5
SHA256

381dc50dbabe5722a20ac36e17bcacafeb0f1cbe8ec2e992eeeaeaa6e2814cc4
SHA512

e33493011ad07353cc1a709cb0682fd68890bd8056cab9ee43ecc3d638620ad54923ff8ec433432e5e8f66dd31604652461010e540ee0d685317dc4f6798c8cc
SSDEEP

1536:zIhpW0QJ4v4M73b6pDhGri8DlV0nyTd8/JhY46FtXZSBxt6AJ0eJ5i9D0lMU5t:Sp/FJ6JhGG8DiWxm6WY9F+

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

381dc50dbabe5722a20ac36e17bcacafeb0f1cbe8ec2e992eeeaeaa6e2814cc4
.exe windows x86

1cf896e77e6e24a31dd11a0dd80292da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetConsoleOutputCP
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
FormatMessageW
LocalFree
SetThreadUILanguage
GetCurrentProcessId
GetModuleHandleW

msvcrt

_controlfp
_except_handler3
_ultow
wcsncpy
wcslen
wprintf
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_wcsicmp
_initterm
__wgetmainargs
__winitenv
exit
_cexit
_XcptFilter
_exit
_c_exit
??2@YAPAXI@Z
_wcsnicmp
_wsetlocale
??3@YAXPAX@Z
_vsnwprintf
__setusermatherr

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

wldap32

ord14
ord88
ord73
ord46
ord155
ord18
ord224
ord118
ord203
ord26
ord140
ord41
ord145

user32

LoadStringW

netapi32

DsGetDcNameW
NetApiBufferFree

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1cf896e77e6e24a31dd11a0dd80292da

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

wldap32

user32

netapi32

Sections

.text Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 64B

.rsrc Size: 3KB - Virtual size: 3KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 64B

.rsrc
Size: 3KB - Virtual size: 3KB

.UPX0
Size: 108KB - Virtual size: 260KB