a19aec1b39c2fc0f57800a094afcc0c074da69c25264ea3186090f7606a39587 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a19aec1b39c2fc0f57800a094afcc0c074da69c25264ea3186090f7606a39587
Size

794KB
MD5

05073981a87544613f9a5794247fb230
SHA1

9d1b29c067baea1770ead5a5e27cb8225de69228
SHA256

a19aec1b39c2fc0f57800a094afcc0c074da69c25264ea3186090f7606a39587
SHA512

f2e4ce35c052e0b9ef5fcacaef7a97d4f2250df46569d804dc6990f8f5ec2102840e5d2b605ca70b1755935412361aca1a7ab97395611266f9da0ab2417d2fdd
SSDEEP

24576:Mt3zXzln3M/a6JWjif0ZxXqrvk+7qwfOhDB:MpzZ3yaljicZxSt7JgB

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

a19aec1b39c2fc0f57800a094afcc0c074da69c25264ea3186090f7606a39587
.exe windows x86

cf087fdfb61fcce80eed78eb1b9d5b8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
GetProcAddress
CreateFileA
CloseHandle
ExitProcess
WriteProcessMemory
ReadProcessMemory
VirtualProtectEx
VirtualProtect
GetVersion
GetModuleHandleA
GetLastError

advapi32

GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

user32

MessageBoxA

winmm

mciSendCommandA

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX3
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX4
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX6
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX7
Size: 740KB - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE