bdcff5f4e9075f04ffa90020bddfc5cf5e3215d8360479cbacea0bf16a54da3e

General

Target

bdcff5f4e9075f04ffa90020bddfc5cf5e3215d8360479cbacea0bf16a54da3e
Size

79KB
MD5

28ba623f8036655d12c4373351309541
SHA1

befe1914e201ecf2f0fb72f726fd7f3ac137b70e
SHA256

bdcff5f4e9075f04ffa90020bddfc5cf5e3215d8360479cbacea0bf16a54da3e
SHA512

bbe0a4653e2417eb4e8751b81f04f31f65c66a330bd627e18e0e11ecb4da5ad391f9a22e9b57046258aebf2cc233a38551ec773bda3312e9044e5c58f6a62001
SSDEEP

768:MamwMLXPbZQ7vRzGjUsynkKmcNqMvD6zritQRzx+7iUiMPeHndUEnnwVy:MvwMLDqGjWkSD6zritSzx+7E1ndUknP

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

bdcff5f4e9075f04ffa90020bddfc5cf5e3215d8360479cbacea0bf16a54da3e
.exe windows x86

e02bd49399002a811a5b9e9f2fe0e79b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
lstrcatA
WinExec
LCMapStringW
LCMapStringA
SetEndOfFile
lstrlenA
GetSystemDirectoryA
GetTickCount
lstrcpyA
Sleep
ReadFile
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
CreateFileA
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
SetUnhandledExceptionFilter
FlushFileBuffers
SetFilePointer
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
ExitProcess
TerminateProcess
GetCurrentProcess
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
RtlUnwind
RaiseException
HeapFree
HeapReAlloc
HeapAlloc
HeapSize
GetLastError
CloseHandle
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings

user32

LoadStringA
GetDesktopWindow

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA

ole32

CoCreateInstance
CLSIDFromProgID
CoInitialize
CoUninitialize

oleaut32

ws2_32

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetGetConnectedState
InternetCloseHandle

Sections

UPX0
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e02bd49399002a811a5b9e9f2fe0e79b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

ws2_32

wininet

Sections

UPX0 Size: 76KB - Virtual size: 76KB

UPX1 Size: 512B - Virtual size: 4KB

.avp Size: 2KB - Virtual size: 4KB

UPX0
Size: 76KB - Virtual size: 76KB

UPX1
Size: 512B - Virtual size: 4KB

.avp
Size: 2KB - Virtual size: 4KB