6c8894bde9cfeff5bf3833f32043e68bc28c41f9dfcc6c412b4ec6ad64423b35 | Triage

Sharing

General

Target

6c8894bde9cfeff5bf3833f32043e68bc28c41f9dfcc6c412b4ec6ad64423b35
Size

135KB
MD5

362a56c81c7ae714eb108f867fabf31e
SHA1

cc938eab63d3fba5ce22998a01c0e6c1e4891df4
SHA256

6c8894bde9cfeff5bf3833f32043e68bc28c41f9dfcc6c412b4ec6ad64423b35
SHA512

307907a8ea4d4c562906e48fc010ebfb808fbdc7b8b8f1743bc922c47c44e0af071a4726f4fa3ec8ec22ff12b181d9a4e5eb479bcdaaf544aa01cfb2b0421d16
SSDEEP

3072:dtSIMHISFGY8jjs4zf63VohQw5zUd9KtK0Vd8OBM:S5IJjjs4zfcohL6UtK04Oa

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

6c8894bde9cfeff5bf3833f32043e68bc28c41f9dfcc6c412b4ec6ad64423b35
.exe windows x86

2cf4e72ff59fa26dfa73e6b08aa4300f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateProcessA
CreateThread
FindFirstFileA
GetLastError
GetLocalTime
GetProcAddress
GetVersionExA
GlobalAlloc
LeaveCriticalSection
LoadLibraryA
LocalReAlloc
LocalSize
MulDiv
SetErrorMode
SetFilePointer
Sleep
WaitForSingleObject
WriteConsoleA
lstrlenA

user32

wsprintfA
CascadeWindows
GetClientRect
GetMenuDefaultItem
KillTimer
OffsetRect
PaintDesktop
PostThreadMessageW
SendMessageCallbackW
ShowWindow
SubtractRect

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE