d1504435f08b29ac410177540ca82d6bbd213a834b77073e18aeeae306a1eef2

Sharing

Copy URL Twitter E-mail

General

Target

d1504435f08b29ac410177540ca82d6bbd213a834b77073e18aeeae306a1eef2
Size

419KB
MD5

7e4c2da85b86e345c826895d4f6031b4
SHA1

8664b4d974dd7b0828e898a4f8533f125db26759
SHA256

d1504435f08b29ac410177540ca82d6bbd213a834b77073e18aeeae306a1eef2
SHA512

a9b069834407ce7b817ae9d285e02dc74b3974d5e59ab079be29c146ad7fcd53896e27a6cf12019a814517fee52decadd6b05fc65d4d754d34e418b8f4eed5e3
SSDEEP

12288:C35N/lTMo/wbGYOrrvkgQ1YsYfyOBLl2B:C3zdLHYOXkga5Yh2B

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

d1504435f08b29ac410177540ca82d6bbd213a834b77073e18aeeae306a1eef2
.exe windows x86

59d92d96acc6df7769b245e8acbf866a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
VirtualAlloc
GetModuleFileNameA
ExitProcess

user32

wsprintfA
MessageBoxA

Sections

Size: - Virtual size: 648KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.spack
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MaskPE
Size: - Virtual size: 562B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.MaskPE
Size: - Virtual size: 538B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.UPX0
Size: - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX1
Size: 417KB - Virtual size: 417KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59d92d96acc6df7769b245e8acbf866a

Headers

File Characteristics

Imports

kernel32

user32

Sections

Size: - Virtual size: 648KB

Size: - Virtual size: 12KB

Size: - Virtual size: 8KB

Size: - Virtual size: 16KB

Size: - Virtual size: 4KB

Size: - Virtual size: 4KB

Size: - Virtual size: 44KB

.rsrc Size: - Virtual size: 36KB

.spack Size: - Virtual size: 8KB

.MaskPE Size: - Virtual size: 562B

.MaskPE Size: - Virtual size: 538B

.UPX0 Size: - Virtual size: 21KB

.UPX1 Size: 417KB - Virtual size: 417KB

.reloc Size: 512B - Virtual size: 108B

.rsrc
Size: - Virtual size: 36KB

.spack
Size: - Virtual size: 8KB

.MaskPE
Size: - Virtual size: 562B

.MaskPE
Size: - Virtual size: 538B

.UPX0
Size: - Virtual size: 21KB

.UPX1
Size: 417KB - Virtual size: 417KB

.reloc
Size: 512B - Virtual size: 108B