acb8eb0cc1bea667a94b791d2b865db31eb100d6093580dc15679dfae5f64072

Sharing

Copy URL Twitter E-mail

General

Target

acb8eb0cc1bea667a94b791d2b865db31eb100d6093580dc15679dfae5f64072
Size

249KB
MD5

18ba88e0d6d4684c25ea331d62405c8d
SHA1

8aab826f8b86481766b148fbec9a3c0499e57fb7
SHA256

acb8eb0cc1bea667a94b791d2b865db31eb100d6093580dc15679dfae5f64072
SHA512

46314ff56c014b6c7ce21d85688a93383dd383fe3d6abab12060a2e0a565ea7252e84b2b45ac6956ea66c3d1173f921af5fb4bdfc71e4a69645e536c83a24cea
SSDEEP

3072:J3jiwzndAZMmwGuAICgKOKaeqUKOpVk/qfWJTfS1n37MyTUOP8XOBXEud+jlGkgM:Jjiwzn9m2KRaeqUp3WJrMIOLd+IGPBGg

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

acb8eb0cc1bea667a94b791d2b865db31eb100d6093580dc15679dfae5f64072
.exe windows x86

7d53c7651fa5c44b42e07f4c901ea11b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
InterlockedCompareExchange
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetVolumePathNamesForVolumeNameW
SetThreadUILanguage
GetStdHandle
GetFileType
HeapSetInformation
RegisterApplicationRestart
GetCommandLineW
GetVolumeNameForVolumeMountPointW
CreateFileW
DeviceIoControl
CloseHandle
GetModuleHandleW
FormatMessageW
WriteConsoleW
WriteFile
WideCharToMultiByte
InterlockedExchange

msvcrt

_controlfp
?terminate@@YAXXZ
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_amsg_exit
exit
_XcptFilter
_cexit
__getmainargs
_iob
feof
fgetws
memcpy
_wcsicmp
vswprintf_s
memset
_wcstoui64
_wtoi
_vsnwprintf
_exit
_initterm

shell32

CommandLineToArgvW

ws2_32

WSAStartup
WSAStringToAddressA
WSACleanup

user32

LoadStringW

setupapi

CM_Get_DevNode_Registry_Property_ExW

iscsidsc

GetIScsiVersionInformation
GetIScsiInitiatorNodeNameW
ReportISNSServerListW
RefreshISNSServerW
RemoveISNSServerW
AddISNSServerW
AddIScsiStaticTargetW
RemoveIScsiStaticTargetW
AddIScsiSendTargetPortalW
RemoveIScsiSendTargetPortalW
ReportIScsiSendTargetPortalsExW
RefreshIScsiSendTargetPortalW
ReportIScsiTargetsW
ReportActiveIScsiTargetMappingsW
GetIScsiTargetInformationW
RemoveIScsiConnection
AddIScsiConnectionW
ReportIScsiPersistentLoginsW
RemoveIScsiPersistentTargetW
LoginIScsiTargetW
SendScsiInquiry
SendScsiReadCapacity
SendScsiReportLuns
SetIScsiIKEInfoW
GetIScsiIKEInfoW
GetIScsiSessionListW
GetDevicesForIScsiSessionW
SetIScsiInitiatorNodeNameW
ReportPersistentIScsiDevicesW
RemovePersistentIScsiDeviceW
SetIScsiTunnelModeOuterAddressW
SetIScsiGroupPresharedKey
SetIScsiInitiatorCHAPSharedSecret
ReportIScsiInitiatorListW
LogoutIScsiTarget
ClearPersistentIScsiDevices
SetupPersistentIScsiVolumes
AddPersistentIScsiDeviceW

iscsium

DiscpTextAddrToBinary
DiscpFreeMemory
DiscpAllocMemory
DiscpExecuteMethod
DiscpFreeDeviceInterfaceList
DiscpEnumerateDeviceInterfaces

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7d53c7651fa5c44b42e07f4c901ea11b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

shell32

ws2_32

user32

setupapi

iscsidsc

iscsium

Sections

.text Size: 32KB - Virtual size: 32KB

.data Size: 512B - Virtual size: 16KB

.rsrc Size: 105KB - Virtual size: 104KB

.reloc Size: 2KB - Virtual size: 1KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 32KB - Virtual size: 32KB

.data
Size: 512B - Virtual size: 16KB

.rsrc
Size: 105KB - Virtual size: 104KB

.reloc
Size: 2KB - Virtual size: 1KB

.UPX0
Size: 108KB - Virtual size: 260KB