a7a077a8eae92e22a53f3fa1096596ff6a82b35c680bc3faf81aad2c6f0e7af2

Sharing

Copy URL

Twitter E-mail

General

Target

a7a077a8eae92e22a53f3fa1096596ff6a82b35c680bc3faf81aad2c6f0e7af2
Size

540KB
MD5

110b9ae263d045334ae4f4abf3fa6c04
SHA1

544d86800557b8ebb1208d4067d6e487ad8b8e31
SHA256

a7a077a8eae92e22a53f3fa1096596ff6a82b35c680bc3faf81aad2c6f0e7af2
SHA512

ef819fd15ad5e991f586654f6b9a520fe798aecde4fea2117df77ef6b8467d85c3e598f732f9b1c4ee2d88ab5962c3b6da8ac808cf6737de3e5ee5b7977ca070
SSDEEP

6144:3JgXhwPAUQWXkCcwOYbpYQ7NKOY5IsQSHsQa+Tdz9C+1y:52hlUa7wliSNK9rlHsb+TdhC+g

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

a7a077a8eae92e22a53f3fa1096596ff6a82b35c680bc3faf81aad2c6f0e7af2
.exe windows x86

0dc1acf5daea7dc70eefcd740fa330d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDoubleClickTime
GetClassNameW
TrackPopupMenuEx
UnionRect
SetRect
GetDC
EqualRect
IsIconic
IsZoomed
InflateRect
IntersectRect
IsRectEmpty
OffsetRect
IsWindowVisible
FrameRect
DrawIconEx
GetSysColor
SetRectEmpty
BeginPaint
EndPaint
GetClientRect
InvalidateRgn
SetWindowTextW
EnableWindow
GetWindowTextW
GetSysColorBrush
RegisterClassExW
GetMessageW
DispatchMessageW
TranslateMessage
PostQuitMessage
wvsprintfW
ReleaseCapture
MonitorFromPoint
SetCapture
SetCursor
PtInRect
GetWindow
DefWindowProcW
KillTimer
LoadStringW
LoadCursorW
UnregisterClassW
RegisterClassW
CreateWindowExW
DestroyWindow
GetCursorPos
ScreenToClient
GetSubMenu
CreatePopupMenu
DestroyMenu
LoadMenuW
DeleteMenu
ClientToScreen
TrackPopupMenu
GetSystemMetrics
SystemParametersInfoW
InsertMenuItemW
GetMenuItemInfoW
SetMenuItemInfoW
IsWindow
GetWindowDC
ReleaseDC
CopyRect
GetWindowPlacement
OpenIcon
ShowWindow
UpdateWindow
AllowSetForegroundWindow
LockSetForegroundWindow
GetForegroundWindow
GetTopWindow
GetWindowThreadProcessId
AttachThreadInput
SetActiveWindow
SetForegroundWindow
BringWindowToTop
SetFocus
InvalidateRect
wsprintfW
SendMessageW
CopyIcon
GetClassLongW
LoadIconW
LoadImageW
DestroyIcon
MapVirtualKeyW
GetKeyNameTextW
FindWindowW
PostMessageW
SetTimer
GetWindowRect
MoveWindow
GetMonitorInfoW
EnumDisplayDevicesW
EnumDisplaySettingsW
SetWindowPos
GetWindowLongW
SetWindowLongW

shell32

ExtractIconW
ExtractIconExW
SHAppBarMessage

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW

comctl32

InitCommonControlsEx
ImageList_SetOverlayImage
ImageList_Create
ImageList_SetImageCount
ImageList_Remove
ImageList_Destroy
ImageList_GetIcon
ImageList_ReplaceIcon

msimg32

GradientFill

kernel32

GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
VirtualQuery
InterlockedExchange
InitializeCriticalSection
LoadLibraryA
RaiseException
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
EnterCriticalSection
FatalAppExitA
LeaveCriticalSection
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
GetCurrentProcess
TerminateProcess
ExitProcess
TlsGetValue
TlsSetValue
GetStringTypeW
GetCurrentThread
SetLastError
TlsAlloc
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
ExitThread
Sleep
lstrcpynW
lstrcmpiW
CreateSemaphoreW
OutputDebugStringW
MultiByteToWideChar
GetLastError
CreateThread
SetThreadPriority
TerminateThread
GetTickCount
lstrlenW
GetUserDefaultLangID
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
ReadFile
GlobalLock
GlobalUnlock
FreeResource
LocalAlloc
GlobalAlloc
CreateFileW
WriteFile
CloseHandle
GlobalFree
LocalFree
GetEnvironmentVariableW
lstrcatW
LoadLibraryW
GetProcAddress
FreeLibrary
lstrcpyW
GetVersionExW
HeapFree
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapSize
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
TlsFree
lstrcmpW
GetProcessHeap
GetModuleFileNameW
HeapAlloc

Sections

.text
Size: 120KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0dc1acf5daea7dc70eefcd740fa330d0

Headers

File Characteristics

Imports

user32

shell32

advapi32

comctl32

msimg32

kernel32

Sections

.text Size: 120KB - Virtual size: 118KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 280KB - Virtual size: 279KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 120KB - Virtual size: 118KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 280KB - Virtual size: 279KB

.UPX0
Size: 108KB - Virtual size: 260KB