b0c9e83df118ac20fc2a6071f8f85f321bea9f9a28eb244f264e6126ed1c01e7

General

Target

b0c9e83df118ac20fc2a6071f8f85f321bea9f9a28eb244f264e6126ed1c01e7
Size

39KB
MD5

53909a718eef729fbe3bb75629371d4a
SHA1

d295c4747211bb1504a07b0695d900a7754c20b2
SHA256

b0c9e83df118ac20fc2a6071f8f85f321bea9f9a28eb244f264e6126ed1c01e7
SHA512

edb55f64de544deb708e60301ea8729a537df776b5197e54db756cb7264fead5d0cda4932ac6625094d4d7929bbba7c57c8266f12e5fa7b921a286cc95bc5a15
SSDEEP

384:DYRdCy1MqlWlFmQms1sHUCN67N8NmAfneQdmbK:oCyCql+FmQFWoJyKQ7

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

b0c9e83df118ac20fc2a6071f8f85f321bea9f9a28eb244f264e6126ed1c01e7
.dll windows x86

c26afbc8faa61f777abab49b322a6d10

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

WinExec
LoadLibraryA
GetWindowsDirectoryA
GetModuleFileNameA
FreeLibraryAndExitThread
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
DeleteFileA
CreateThread
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetVersion
GetCurrentThreadId
GetThreadLocale
GetStartupInfoA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
ExitProcess
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
CreateFileA
CloseHandle

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

gdi32

GetStockObject

user32

CreateWindowExA
WaitMessage
UnregisterClassA
TranslateMessage
RegisterClassA
PostQuitMessage
PeekMessageA
LoadIconA
LoadCursorA
FindWindowA
DispatchMessageA
DefWindowProcA
GetKeyboardType
MessageBoxA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Sections

UPX0
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c26afbc8faa61f777abab49b322a6d10

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

user32

wininet

Sections

UPX0 Size: 36KB - Virtual size: 36KB

.rsrc Size: 512B - Virtual size: 4KB

.avc Size: 2KB - Virtual size: 4KB

UPX0
Size: 36KB - Virtual size: 36KB

.rsrc
Size: 512B - Virtual size: 4KB

.avc
Size: 2KB - Virtual size: 4KB