3240975979581f616ce6eec79b1e9f202f0fc873ff0c9e403253ff7609f574ef

General

Target

3240975979581f616ce6eec79b1e9f202f0fc873ff0c9e403253ff7609f574ef
Size

164KB
MD5

21b1f3df5a8f320d9541dd0b3c0936c0
SHA1

f84a5de408b6a5bec79bf6b705703d7b041cb845
SHA256

3240975979581f616ce6eec79b1e9f202f0fc873ff0c9e403253ff7609f574ef
SHA512

8fcc3285cfc88fbf2a0e7c656995145562d0fd10e82ef0c467170d45f1a19dafe72ad6c7889c592d08dd100c39175197ba59a9fcb0262fe7075886cba72556cd
SSDEEP

3072:4/n0hf9K95IoDUy1t90Zi8/eN59BnkBlnbmfM17BTnLNr:4swjHns8dw1bP1VZ

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

3240975979581f616ce6eec79b1e9f202f0fc873ff0c9e403253ff7609f574ef
.exe windows x86

0e81a70eb44eb932f3911c333bc971c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetLastError
WriteFile
ReadFile
SetFileAttributesA
SetFileTime
DosDateTimeToFileTime
SetFilePointer
CreateDirectoryA
SetEndOfFile
GetFileSize
GetFileAttributesA
FileTimeToDosDateTime
GetFileTime
FileTimeToSystemTime
CreateFileA
FindNextFileA
FindFirstFileA
FindClose
FreeLibrary
GetProcAddress
LoadLibraryA
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
HeapFree
CloseHandle
HeapReAlloc
GetCommandLineA
GetVersion
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetModuleHandleA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetStdHandle

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX0
Size: 104KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0e81a70eb44eb932f3911c333bc971c5

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 12KB

.UPX0 Size: 104KB - Virtual size: 252KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 12KB

.UPX0
Size: 104KB - Virtual size: 252KB