8ac2cbed7ecc6f6e021c2fd942789b8194f1d908789a8f71a39486592aae84e7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ac2cbed7ecc6f6e021c2fd942789b8194f1d908789a8f71a39486592aae84e7
Size

14KB
MD5

c45d7de79d163f443702c57b2a34de9d
SHA1

56b9088f9910377fb335532ca4aa3ed60e368528
SHA256

8ac2cbed7ecc6f6e021c2fd942789b8194f1d908789a8f71a39486592aae84e7
SHA512

b1956d3c98d7f8862e7af92998b3b34f9bfffc97d59c805ed504cf6e00d35af4bdc5e51c559b8a7a2ccfb86b2bbecd7b194eb087fcd58206f25e24ddcc22c0b3
SSDEEP

96:AXuLNExwLmhCVpjpU5+mHjFiHv7Bl4Zk3kn7qQ6amP:A+Lyx/Enjp6evr3kn756PP

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

8ac2cbed7ecc6f6e021c2fd942789b8194f1d908789a8f71a39486592aae84e7
.exe windows x86

85a5984f807b841f1806434571986efb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CloseHandle
GetProcAddress
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
FreeLibrary
GetLocaleInfoA
GetTimeZoneInformation
lstrcmpiA
GetCommandLineA
Sleep
CreateFileA

advapi32

RegOpenKeyA
RegSetValueExA
RegDeleteValueA
RegCreateKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

msvcrt

free
time
_exit
strchr
_controlfp
_except_handler3
__set_app_type
malloc
strstr
fclose
sscanf
fread
fseek
fopen
__p__fmode
strrchr
_spawnl
__getmainargs
_XcptFilter
exit
_acmdln
_initterm
__setusermatherr
_adjust_fdiv
__p__commode

user32

wsprintfA

wininet

InternetSetOptionA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetGetConnectedState
InternetOpenA

Sections

UPX0
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE