a6066b4a7a296ed0b286a991b4a2ccd08b16e21f4d9384f06ff9f6c4157ebe90

General

Target

a6066b4a7a296ed0b286a991b4a2ccd08b16e21f4d9384f06ff9f6c4157ebe90
Size

48KB
MD5

0cf7a7c4a1ef3fafac4706d36b697b0c
SHA1

1cd9910bb2452694a9f04048630dd630f4c73004
SHA256

a6066b4a7a296ed0b286a991b4a2ccd08b16e21f4d9384f06ff9f6c4157ebe90
SHA512

36e9a198fe967afae5843b7cbb94de4c76d236021de4aaaaf38b57264a1f26976282aef3e97e9102778cff4ba46dd740c46c7fc143984ad51e9a536e4b9f7310
SSDEEP

384:V1dEujqcsNpLszCHaz8z9ND7eW2XbIni9daDbfubKY:mujqJNpLszCR1CLI6mtY

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

a6066b4a7a296ed0b286a991b4a2ccd08b16e21f4d9384f06ff9f6c4157ebe90
.exe windows x86

981c34f951abfffabe4cff1145951f18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

Sleep
GetSystemTime
GetFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateFileA
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetCurrentThreadId
GetStartupInfoA
GetLastError
GetCommandLineA
FreeLibrary
ExitProcess
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
CreateFileA
CloseHandle

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA

url

InetIsOffline

user32

TranslateMessage
RegisterClassExA
PostQuitMessage
LoadIconA
LoadCursorA
GetMessageA
DispatchMessageA
DefWindowProcA
CreateWindowExA
GetKeyboardType
MessageBoxA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Sections

UPX0
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

981c34f951abfffabe4cff1145951f18

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

url

user32

wininet

Sections

UPX0 Size: 44KB - Virtual size: 44KB

.rsrc Size: 1024B - Virtual size: 4KB

.avc Size: 2KB - Virtual size: 4KB

UPX0
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 1024B - Virtual size: 4KB

.avc
Size: 2KB - Virtual size: 4KB