9df11a3756093d9b7d191e1a866a23436d2339daaf99f93708cecb4834212cbd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9df11a3756093d9b7d191e1a866a23436d2339daaf99f93708cecb4834212cbd
Size

22KB
MD5

18d4255a5042b4bffdae92da7bc20090
SHA1

a0d58f122e31d3ae4eb44059b942af1abca03aa4
SHA256

9df11a3756093d9b7d191e1a866a23436d2339daaf99f93708cecb4834212cbd
SHA512

122b08529af4cf0c96259793d59787572708e0967ab4bde3dd40e6f89a34f8c81d1454a0a6523105184ddf0503dea5e7624d83cc12ee8cf94b4f6152a065553b
SSDEEP

384:P7iS82a6axgPYCSa2oFuQb4NDpCdKPrczXAyZb:P29g3SNoJbODpEKPYE6b

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

9df11a3756093d9b7d191e1a866a23436d2339daaf99f93708cecb4834212cbd
.exe windows x86

7a428dc50e17e5dc50247e42a18cb004

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
CreateMutexA
GetModuleHandleA
GetProcAddress
LoadLibraryA
lstrlenA
SetFilePointer
ReadFile
GetFileSize
CreateFileA
lstrcpyA
lstrcmpiA
HeapFree
GetProcessHeap
WideCharToMultiByte
GetThreadLocale
GetSystemDefaultLCID
GetTimeZoneInformation
GetLocalTime
GetTickCount
GetWindowsDirectoryA
lstrcatA
GetModuleFileNameA
HeapReAlloc
HeapAlloc
CloseHandle
SetEndOfFile
WriteFile
GetStartupInfoA
ExitProcess
GetCommandLineA
GetLastError
CreateProcessA
Sleep

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA

ole32

CoCreateGuid
StringFromCLSID

rasapi32

RasDeleteEntryA
RasHangUpA
RasEnumDevicesA
RasEnumConnectionsA
RasGetConnectStatusA

user32

CharNextA
wsprintfA

wininet

HttpSendRequestA
InternetReadFile
InternetCloseHandle

Sections

UPX0
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE