842e7e5f10c2dc0dab44fdd5ed719f0e52cf53afe967e893e5a5a1e4a407fb2e

Sharing

Copy URL Twitter E-mail

General

Target

842e7e5f10c2dc0dab44fdd5ed719f0e52cf53afe967e893e5a5a1e4a407fb2e
Size

324KB
MD5

def1377069eaf68306096714a386d350
SHA1

1bbc7045f3f77b234abcb2730c9dac2f96ed4e7d
SHA256

842e7e5f10c2dc0dab44fdd5ed719f0e52cf53afe967e893e5a5a1e4a407fb2e
SHA512

041490fd7a2e86310d5f9bcd29c304102458d69d9e51c8df3188e248bd9373bb4d7f3c42487dc6167541f027be6f5c1fb83dec7cb625d25c3d7e4247936e22d1
SSDEEP

6144:izZ3cpx81M5RKVeVMnk/2ihyIjGU7/iY1mukMiv3Apuxx2lbGqCUjImh6m:1pKK5Mk/2BCFkMivw4FqCev

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

842e7e5f10c2dc0dab44fdd5ed719f0e52cf53afe967e893e5a5a1e4a407fb2e
.exe windows x86

5752a70b22e1e042de6574294eaf4060

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

setupapi

SetupDiEnumDeviceInfo
SetupGetLineTextA
SetupGetLineByIndexA
SetupGetLineCountA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupCloseInfFile
SetupDiGetDeviceRegistryPropertyA
SetupDiRemoveDevice
SetupOpenInfFileA

kernel32

lstrcmpA
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
GlobalFlags
GlobalGetAtomNameA
GetThreadLocale
FileTimeToSystemTime
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GetLocaleInfoA
GetCPInfo
GetOEMCP
MoveFileA
ReadFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetFullPathNameA
FileTimeToLocalFileTime
HeapAlloc
HeapFree
HeapReAlloc
VirtualAlloc
RtlUnwind
GetDriveTypeA
GetProcessHeap
GetStartupInfoA
RaiseException
HeapSize
ExitProcess
GetACP
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
LCMapStringW
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GlobalLock
GlobalUnlock
FindResourceA
LoadResource
LockResource
SizeofResource
GetCommandLineA
GetVersionExA
GetCurrentProcessId
CreateDirectoryA
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
GlobalAlloc
GlobalFree
RemoveDirectoryA
GetCurrentDirectoryA
ExpandEnvironmentStringsA
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetFileAttributesA
SetFileAttributesA
DeleteFileA
LoadLibraryA
FreeLibrary
GetShortPathNameA
WritePrivateProfileStringA
SetLastError
Sleep
OpenProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetProcAddress
lstrcpyA
GetSystemDirectoryA
GetWindowsDirectoryA
GetPrivateProfileStringA
lstrlenA
CompareStringW
CompareStringA
FormatMessageA
LocalFree
CloseHandle
DeleteCriticalSection
EnterCriticalSection
WriteFile
OutputDebugStringA
LeaveCriticalSection
InitializeCriticalSection
GetModuleFileNameA
CreateFileA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange

user32

TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
PostQuitMessage
DestroyMenu
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
UnregisterClassA
SetWindowsHookExA
CallNextHookEx
PostMessageA
GetWindowTextA
GetWindowThreadProcessId
EnumWindows
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
MessageBoxA
EnableWindow
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled

gdi32

DeleteObject
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
ExtTextOutA
SaveDC
RestoreDC
DeleteDC
GetStockObject
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
SetMapMode

oleaut32

VariantInit
VariantClear
VariantChangeType

Exports

Exports

LoadIniFile
LoadScrubber
LocateIniFile

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5752a70b22e1e042de6574294eaf4060

Headers

File Characteristics

Imports

shlwapi

version

setupapi

kernel32

user32

gdi32

oleaut32

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 4KB - Virtual size: 984B

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 4KB - Virtual size: 984B

.UPX0
Size: 108KB - Virtual size: 260KB