c3f9ed8193d44e5112ff810a5b62f5ce5a96a9c5a2dd3a38a960abddb02b0511 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c3f9ed8193d44e5112ff810a5b62f5ce5a96a9c5a2dd3a38a960abddb02b0511
Size

3KB
MD5

e07baa303aa17389aaa6c0769c5687e7
SHA1

55c92b65e6c88fede7c0c215b109e093ebe3e213
SHA256

c3f9ed8193d44e5112ff810a5b62f5ce5a96a9c5a2dd3a38a960abddb02b0511
SHA512

5b43d1173cba998c3921ffd0d6d61ade9aaa219f909adb23312fa35fd0bcec99cdbc2fc0dd8a33599a8686fb2a0075ba399ea4f1faac276bff1e31046338b39f

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c3f9ed8193d44e5112ff810a5b62f5ce5a96a9c5a2dd3a38a960abddb02b0511
.exe windows x86

7a9d6e0992928429451b906f08f68051

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CloseHandle
CreateFileA
CreateProcessA
ExitProcess
GetModuleFileNameA
GetProcessHeap
GetTickCount
GetWindowsDirectoryA
HeapAlloc
MoveFileExA
Sleep
WriteFile

advapi32

RegEnumValueA
RegOpenKeyExA

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetReadFile

Sections

UPX0
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE