4f5df85b2a568529a87a3236da5057cadd416995484e091ed4b078888887dfb1

General

Target

4f5df85b2a568529a87a3236da5057cadd416995484e091ed4b078888887dfb1
Size

128KB
MD5

07338de9beb874c105296a02b78490f0
SHA1

4c432a6f22262e4871de807ac5111956b69c8748
SHA256

4f5df85b2a568529a87a3236da5057cadd416995484e091ed4b078888887dfb1
SHA512

6bc8e69345a0a307b6bfc3a1f64636ad6267f02fa7137787c60176df14ed0434c8b18d8adc1a648d781f1b7dd4b53b4d5c653e0101ae09c9918d0d9deafe62c8
SSDEEP

3072:bpdflMPp8GvYLT3V7qlqL8jGOQpIPpWt+HT5WQ8AEAKXX:b7flMPS1TVmML8jBQWQYT57/FKXX

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

4f5df85b2a568529a87a3236da5057cadd416995484e091ed4b078888887dfb1
.exe windows x86

b21d49babe1c911b804e5b9ccc7c9160

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__p__fmode
_ltoa
_except_handler3
__set_app_type
_adjust_fdiv
strchr
__p__commode
_acmdln
__setusermatherr
exit
free
atol
_strnicmp
strtok
_initterm
__getmainargs
malloc
_exit
_XcptFilter
_stricmp

kernel32

WaitForSingleObject
GetStartupInfoA
lstrcmpiA
GetModuleHandleA
GetProcAddress
FreeLibrary
CreateEventA
GetTimeZoneInformation
LoadLibraryA
CloseHandle
WideCharToMultiByte
lstrlenA

user32

wsprintfA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

SysFreeString

advapi32

RegDeleteValueA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA

cfgmgr32

CM_Get_DevNode_Registry_PropertyA
CM_Get_Device_ID_ListA
CM_Get_Device_ID_List_SizeA
CM_Get_DevNode_Status
CM_Open_DevNode_Key
CM_Locate_DevNodeA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b21d49babe1c911b804e5b9ccc7c9160

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

ole32

oleaut32

advapi32

cfgmgr32

setupapi

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 460B

.rsrc Size: 4KB - Virtual size: 808B

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 460B

.rsrc
Size: 4KB - Virtual size: 808B

.UPX0
Size: 108KB - Virtual size: 260KB