7207bbc851adf9b4ca19ea72c0ca025751f8908474749b3ae7c4526ba3030e15 | Triage

Sharing

General

Target

7207bbc851adf9b4ca19ea72c0ca025751f8908474749b3ae7c4526ba3030e15
Size

27KB
MD5

003d1ed9246b4e374fcd786b68ec6c20
SHA1

ab3aa390d6cc89f508e03d17293cdc47cc092bad
SHA256

7207bbc851adf9b4ca19ea72c0ca025751f8908474749b3ae7c4526ba3030e15
SHA512

fc99323537a4f65f6510c2d66453985adf40c7656ee4643b2c59cb36402dd273daeead9000f7a4bf3cf60a3ec1989f6f9d3be375eb28aa6ce66d594271a6f8a0
SSDEEP

192:59zOOiXsXcBna/1xFDZ0jXhYOIc1DZfA2USnZhNEfQFythAGrhTyPW6biZ:5Y3n41xFGSOIc1VfA2USn2fQ4frhT4W

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

7207bbc851adf9b4ca19ea72c0ca025751f8908474749b3ae7c4526ba3030e15
.exe windows x86

a23625297d1cca9a338f6b8606f81efa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
MoveFileExA
CloseHandle
WriteFile
CopyFileA
lstrlenA
lstrcatA
ExpandEnvironmentStringsA
lstrcpyA
FindResourceA
GetModuleHandleA
LoadResource
SizeofResource
LockResource
CreateFileA
lstrcmpA
GetStartupInfoA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA

msvcrt

_exit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter

shell32

ShellExecuteA

user32

PostQuitMessage
DefWindowProcA
RegisterClassA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle
InternetReadFile

Sections

UPX0
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE