04778872ebfe19afd240d9242b58e7b6236c199d7edf3c21c974e40998ae0f1c | Triage

Sharing

General

Target

04778872ebfe19afd240d9242b58e7b6236c199d7edf3c21c974e40998ae0f1c
Size

116KB
MD5

ef17d21ad9cdab3c972b9e925b1ceb33
SHA1

46358cea22fefaa33bd27a004b2e7903cbbf6190
SHA256

04778872ebfe19afd240d9242b58e7b6236c199d7edf3c21c974e40998ae0f1c
SHA512

33d3eecf88f984c5689ee1c33bb412089c81c4a52df81ad6d8038bd0533f370354bf55b0dc89eb8c8fdd0916a070d97612c2eb75901ecf7f44fb21f4bbb7f83c
SSDEEP

3072:CKjMubeiPfNEtjiJCxGGd/6Gh2CQeBnXvQfoyEaG:CKjbeZhJGGxh2nGXvQAxaG

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

Files

04778872ebfe19afd240d9242b58e7b6236c199d7edf3c21c974e40998ae0f1c
.exe windows x86

c92746cd3b69c56e5c4ed6d3f9854fa1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
VirtualAlloc
FreeLibrary
VirtualProtect
GetLastError
CreateMutexA
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA

user32

MessageBoxA
wsprintfA

Sections

UPX0
Size: - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE