7fb3666c38bd117758ad9f48e4e184e9c2e55f46ec82495ba2507ccbd177b877 | Triage

Sharing

General

Target

7fb3666c38bd117758ad9f48e4e184e9c2e55f46ec82495ba2507ccbd177b877
Size

25KB
MD5

22aa83280c9d8ee6c691265e1589aa60
SHA1

d2c5548e4ede2a4f1fed6765b4aa76e608ad3869
SHA256

7fb3666c38bd117758ad9f48e4e184e9c2e55f46ec82495ba2507ccbd177b877
SHA512

3df8d43b9e7fc77721c48daab33d621af5903750031a444050faed7e2a8c601a897b4497bbd1bc7d0b4e9b6fec39c7e2af03f9bdf41befe0e364cbce2ff17d11
SSDEEP

192:c6Xecw0AKLh0RczPJaofLiVtpwZR4EyncjWO9SwOGgxDKvbrmS:fXecwE31feVtSRsn2SJ/KmS

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

7fb3666c38bd117758ad9f48e4e184e9c2e55f46ec82495ba2507ccbd177b877
.exe windows x86

20abfdeaecdd331db776ab401fc6977a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
GetModuleHandleA
GetSystemTimeAsFileTime
LoadResource
ExitProcess
SizeofResource
WriteFile
lstrcatA
lstrcpyA
CreateFileA
CreateDirectoryA
LockResource
CloseHandle

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

SHGetSpecialFolderPathA
ShellExecuteA

Sections

UPX0
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE