0df2046973621e1283db7bdff519c3cd01b23187d407a9b0f2d98b6df0da0d81

Sharing

Copy URL Twitter E-mail

General

Target

0df2046973621e1283db7bdff519c3cd01b23187d407a9b0f2d98b6df0da0d81
Size

210KB
MD5

0ef19951b0c61f6503fd7afd80a74008
SHA1

57fc2b6a240d6ee78d5233179b8908aec19eee1b
SHA256

0df2046973621e1283db7bdff519c3cd01b23187d407a9b0f2d98b6df0da0d81
SHA512

c476be447e37c74f7f928be38a27becf58df60fd9f8adb5763f429eb3b5afb9ea5718c7bc70b4432edc80733bf19f59559885ed2c7c2aade5f0d606e17dfc58d
SSDEEP

6144:w6o7mP0xwWP9n2M82xPkukeya/FP+y4GlE:c7mPxWoT2euea/gy4+E

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack002/PerX.exe	upx

Files

0df2046973621e1283db7bdff519c3cd01b23187d407a9b0f2d98b6df0da0d81
.rar
PerX-Injector.zip
.zip
PerX.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 452KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 169KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Rapid Fire Mega.dll
.dll windows x86

fcb199e30dafa3e2a032364c7c75b867

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GetModuleHandleW
GetModuleFileNameW
FreeLibrary
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryExW
GetProcAddress
GetLastError
RaiseException
IsDebuggerPresent
DecodePointer
EncodePointer
IsProcessorFeaturePresent

user32

GetAsyncKeyState

msvcr120d

_wsplitpath_s
__crtUnhandledException
__crtTerminateProcess
_wmakepath_s
wcscpy_s
_except_handler4_common
__clean_type_info_names_internal
_onexit
__dllonexit
_calloc_dbg
_CrtDbgReportW
_unlock
_lock
_initterm_e
_initterm
_CrtSetCheckCount
_free_dbg
_malloc_dbg
_amsg_exit
__CppXcptFilter
_CRT_RTC_INITW
_crt_debugger_hook

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 452KB

UPX1 Size: 169KB - Virtual size: 172KB

.rsrc Size: 92KB - Virtual size: 96KB

fcb199e30dafa3e2a032364c7c75b867

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcr120d

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 452KB

UPX1
Size: 169KB - Virtual size: 172KB

.rsrc
Size: 92KB - Virtual size: 96KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB