78a9e52087d2183d803d8597b93095349abd6392dd725785e4da3a83f7bc3125

Sharing

Copy URL Twitter E-mail

General

Target

78a9e52087d2183d803d8597b93095349abd6392dd725785e4da3a83f7bc3125
Size

232KB
MD5

1bc503cb14f258cf419132635f62c480
SHA1

1bdcd1c92057571124469818fc51bb145a16b919
SHA256

78a9e52087d2183d803d8597b93095349abd6392dd725785e4da3a83f7bc3125
SHA512

8c880159730c6ff82d0c29dfb1ba5e0cab58eb4d9319ddeed6eb64b9c2351c99edddc7fd21caee4d2b9711bb6c841075d0a01cb0a66b4d49f909ccd805e3dc9f
SSDEEP

6144:T1tgwH0RguoA3XRdQKjIeVnyQDOqEn7AVnp:T1tgTRguo2t0cyEHE7Yp

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

78a9e52087d2183d803d8597b93095349abd6392dd725785e4da3a83f7bc3125
.exe windows x86

c626779e479bb8232d091b486af390b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreatePropertySheetPageA
DestroyPropertySheetPage

kernel32

IsDBCSLeadByte
InitializeCriticalSection
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
WaitForMultipleObjects
CloseHandle
CreateEventA
WaitForSingleObject
GetLocaleInfoA
GetSystemDefaultLCID
CreateFileA
CopyFileA
GetSystemDirectoryA
GetVersionExA
FlushFileBuffers
SetStdHandle
ReadFile
SetFilePointer
GetStringTypeW
GetStringTypeA
lstrcpynA
IsBadReadPtr
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
HeapSize
GetCurrentProcess
TerminateProcess
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
ExitProcess
GetVersion
GetStartupInfoA
RaiseException
HeapReAlloc
HeapFree
HeapAlloc
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
IsBadCodePtr
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
GetCommandLineA
GetCurrentThreadId
lstrcmpiA
CreateMutexA
GetLastError
CreateThread
CompareFileTime
InterlockedDecrement
InterlockedIncrement
RtlUnwind
LocalFree

user32

SendMessageA
EqualRect
PostQuitMessage
SetTimer
PeekMessageA
ChangeDisplaySettingsExA
EnumDisplaySettingsA
ChangeDisplaySettingsA
KillTimer
DispatchMessageA
GetMessageA
PostMessageA
CreateWindowExA
RegisterClassA
CharNextA
EnableWindow
GetDlgCtrlID
EndDialog
GetDlgItem
SetRectEmpty
DefWindowProcA
BroadcastSystemMessage
FindWindowA
wsprintfA
CallWindowProcA
SetWindowLongA
GetParent
DialogBoxParamA
EnumChildWindows
GetSystemMenu
EnableMenuItem
GetWindowRect
LoadStringA
WinHelpA
SetWindowTextA

advapi32

RegOpenKeyA
RegSetValueExA
RegCloseKey
RegEnumValueA
RegQueryInfoKeyA
RegDeleteValueA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA

ole32

CoRevokeClassObject
CoRegisterClassObject
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VariantClear
VarUI4FromStr
SysAllocStringLen
RegisterTypeLi
SysFreeString
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysStringLen
LoadTypeLi

hccutils

FindResources
IsDisplayValid
GetHardwareKey
LoadSTRING
EnumDeviceByClass
ReleaseClassDevice
GetCommonRegKey
EnumDspDev
GetCurrentDisplay
LoadDialogString

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c626779e479bb8232d091b486af390b3

Headers

File Characteristics

Imports

comctl32

kernel32

user32

advapi32

ole32

oleaut32

hccutils

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 16KB - Virtual size: 25KB

.rsrc Size: 4KB - Virtual size: 2KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 16KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 2KB

.UPX0
Size: 108KB - Virtual size: 260KB