c2a5aaa8827766da451a5fb4a6dafa35e7305490d57f18690e43aef9ead7f6ed

Sharing

Copy URL Twitter E-mail

General

Target

c2a5aaa8827766da451a5fb4a6dafa35e7305490d57f18690e43aef9ead7f6ed
Size

1.8MB
MD5

a8b6842ec2898d5e090051454517f4ee
SHA1

e5139a4ee3f9611bdad1f2df3c2039e6bb33e112
SHA256

c2a5aaa8827766da451a5fb4a6dafa35e7305490d57f18690e43aef9ead7f6ed
SHA512

86fede8f4f343dc159b9fdb811923ec2e7b3f136795a8481d15a5bd4d8c54c4040b026127df23b25e919bc6e5cbafe953d375dcb3ef7110b03461af2ebab4db4
SSDEEP

49152:9PsWkH6KFTRi84e6TeoVJj3paE7LI/HU:9PsWC6KFTRkHRJj97

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

c2a5aaa8827766da451a5fb4a6dafa35e7305490d57f18690e43aef9ead7f6ed
.dll windows x86

2ecebac1f5333f20c8a9c24423a21615

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

FillRect

gdi32

CreatePen

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA

advapi32

RegQueryValueA

shlwapi

PathFindExtensionA

oledlg

ord8

ole32

OleIsCurrentClipboard

oleaut32

VariantInit

Sections

.text
Size: - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

UPX0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UPX1
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UPX2
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ecebac1f5333f20c8a9c24423a21615

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: - Virtual size: 287KB

.rdata Size: - Virtual size: 60KB

.data Size: - Virtual size: 105KB

.rsrc Size: 2KB - Virtual size: 14KB

UPX0 Size: - Virtual size: 40KB

UPX1 Size: - Virtual size: 1.4MB

UPX2 Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 512B - Virtual size: 172B

.text
Size: - Virtual size: 287KB

.rdata
Size: - Virtual size: 60KB

.data
Size: - Virtual size: 105KB

.rsrc
Size: 2KB - Virtual size: 14KB

UPX0
Size: - Virtual size: 40KB

UPX1
Size: - Virtual size: 1.4MB

UPX2
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 512B - Virtual size: 172B