68c99ecd735547bf47d5946780e468d829d7ce6d945542d3ddd672f70bc58885

Sharing

Copy URL Twitter E-mail

General

Target

68c99ecd735547bf47d5946780e468d829d7ce6d945542d3ddd672f70bc58885
Size

1.5MB
MD5

70b57465cbd486b99c57baaecc20c23f
SHA1

2e1dfa95f378f01236d253033078e6be61d0bfa1
SHA256

68c99ecd735547bf47d5946780e468d829d7ce6d945542d3ddd672f70bc58885
SHA512

6116eb389173c39c117a394506e626abfb0461d477ad11ad75be3f72e769565ac74f0caa8e95e4a1949d745f401e9b66f9e50fd27fcaf35eafe9a2c0fac8a5c1
SSDEEP

24576:3v7mhdNGSbLuBFpq5IkXG4GJkP6FSFfVnAD/lv82RRFRy71Ji1ezo7u6qeQRw0KW:3vqhp3uPpQ+JiUShVnAD/TRkLiOo7uQ+

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/ע汾3190()/ж(ע).exe	upx
static1/unpack001/ж.exe	upx

Files

68c99ecd735547bf47d5946780e468d829d7ce6d945542d3ddd672f70bc58885
.zip
ucbugϷ.url
.url
˵(ʹñض).txt
ע汾3190()/ע˵.txt
ע汾3190()/ж(ע).exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 568KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 587KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 476KB - Virtual size: 473KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 444KB - Virtual size: 441KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ucbugϷ.txt
ж.exe
.exe windows x86

dfdad61e4680e761747746414beddc3a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

DrawDibDraw

avifil32

AVIStreamGetFrame

winmm

midiStreamStop

ws2_32

ioctlsocket

kernel32

TlsAlloc
GetModuleHandleA
LoadLibraryA
VirtualAlloc
GetModuleFileNameA
ExitProcess

user32

IsChild
MessageBoxA

gdi32

GetBkMode

winspool.drv

DocumentPropertiesA

comdlg32

ChooseColorA

advapi32

RegCreateKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

VariantCopy

comctl32

ImageList_Read

oledlg

ord8

Sections

.text
Size: - Virtual size: 672KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: - Virtual size: 418KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX1
Size: 912KB - Virtual size: 909KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ucbug΢,ȡҼ.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 568KB

UPX1 Size: 587KB - Virtual size: 588KB

.rsrc Size: 44KB - Virtual size: 44KB

Headers

File Characteristics

Sections

.text Size: 476KB - Virtual size: 473KB

.rdata Size: 444KB - Virtual size: 441KB

.data Size: 64KB - Virtual size: 161KB

.rsrc Size: 60KB - Virtual size: 58KB

dfdad61e4680e761747746414beddc3a

Headers

File Characteristics

Imports

msvfw32

avifil32

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

Sections

.text Size: - Virtual size: 672KB

.rdata Size: - Virtual size: 421KB

.data Size: - Virtual size: 306KB

.rsrc Size: 48KB - Virtual size: 65KB

.UPX0 Size: - Virtual size: 418KB

.UPX1 Size: 912KB - Virtual size: 909KB

.reloc Size: 4KB - Virtual size: 312B

UPX0
Size: - Virtual size: 568KB

UPX1
Size: 587KB - Virtual size: 588KB

.rsrc
Size: 44KB - Virtual size: 44KB

.text
Size: 476KB - Virtual size: 473KB

.rdata
Size: 444KB - Virtual size: 441KB

.data
Size: 64KB - Virtual size: 161KB

.rsrc
Size: 60KB - Virtual size: 58KB

.text
Size: - Virtual size: 672KB

.rdata
Size: - Virtual size: 421KB

.data
Size: - Virtual size: 306KB

.rsrc
Size: 48KB - Virtual size: 65KB

.UPX0
Size: - Virtual size: 418KB

.UPX1
Size: 912KB - Virtual size: 909KB

.reloc
Size: 4KB - Virtual size: 312B