be3cf38d5f57f4202df738fb11af157e1619b3719991f7cacfc7a33f0231fd20 | Triage

Sharing

General

Target

be3cf38d5f57f4202df738fb11af157e1619b3719991f7cacfc7a33f0231fd20
Size

2.4MB
MD5

f268f974640858bf584cbd2676ade260
SHA1

07ade8671aa86c5b0cf65ee358ab3ebdd6fe94c8
SHA256

be3cf38d5f57f4202df738fb11af157e1619b3719991f7cacfc7a33f0231fd20
SHA512

c06e34eaacc8693cfee8584d9ad8878c14ce1e7179f8bae6930894b8a1f9c92faee8cce5972322c280bb4072c04034fc76a751ebea510770637c38874f4a2cbe
SSDEEP

49152:mCUJyaV89TFnfQNIa3QTTXWuLx882PO5GW5x5SZZqSC9uk5a:rudQTFnVWqxH8GnkEl

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

be3cf38d5f57f4202df738fb11af157e1619b3719991f7cacfc7a33f0231fd20
.exe windows x86

8b78958f7c3f6c977439ba7f2a8e7f6f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

pSetupWriteLogError
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

GetAtomNameW
GetFileAttributesA
FlushFileBuffers
GetVolumeInformationW
GetVersionExW
LockFile
SearchPathW
FindResourceExA
EnumResourceNamesA
GetFileType
FileTimeToSystemTime
IsDBCSLeadByte
GetProfileStringW
SetEndOfFile
CompareStringW
CreateHardLinkW
GetFileTime
GetUserDefaultLangID
FileTimeToLocalFileTime
UnlockFile
GetSystemDirectoryW

ole32

CoInitializeSecurity
CoTaskMemRealloc
StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
StringFromCLSID
CoCreateInstance
IIDFromString
OleUninitialize

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

UPX0
Size: 144KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE