1703851ce7048afbb85423cebcdd3b062fc4b8ebc8029a1bcc795bb23c7ddd1f

General

Target

1703851ce7048afbb85423cebcdd3b062fc4b8ebc8029a1bcc795bb23c7ddd1f
Size

209KB
MD5

05c1c2523b43d42dee6e62c0e5514799
SHA1

c3b5afc39ea9a7f9cdafae9a68876977e9ba78a3
SHA256

1703851ce7048afbb85423cebcdd3b062fc4b8ebc8029a1bcc795bb23c7ddd1f
SHA512

7913f15678fbdec8941a2d9c4df84a330c09a46db77a0edd83358d64cff0c2a43956b3a1a1b6ba2d6eadf433fbecacae39f37114563ecf135468403469f3253b
SSDEEP

3072:B69jcVpCVCkJYBoUcWsLJLc+Ig5mdCyI7nYULfUT0dAkr+c5SEqx:UBcVJJGUoNL+g59LfUTa52

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

1703851ce7048afbb85423cebcdd3b062fc4b8ebc8029a1bcc795bb23c7ddd1f
.exe windows x86

9f2b152c2c85be0c0777e3aaef4020bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetExitCodeProcess
WaitForSingleObject
SetLastError
GetLastError
Wow64DisableWow64FsRedirection
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter

msvcrt

?terminate@@YAXXZ
_except_handler4_common
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
memset
_controlfp

shell32

ShellExecuteExW

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 632B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.UPX0
Size: 104KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9f2b152c2c85be0c0777e3aaef4020bd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

shell32

Sections

.text Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 888B

.rsrc Size: 99KB - Virtual size: 98KB

.reloc Size: 1024B - Virtual size: 632B

.UPX0 Size: 104KB - Virtual size: 252KB

.text
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 888B

.rsrc
Size: 99KB - Virtual size: 98KB

.reloc
Size: 1024B - Virtual size: 632B

.UPX0
Size: 104KB - Virtual size: 252KB