940bc2ac4f6e8be20d8883907593e39a5df2c8f14f233c6b5dc10bf11379814b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

940bc2ac4f6e8be20d8883907593e39a5df2c8f14f233c6b5dc10bf11379814b
Size

26KB
MD5

15533e86d9e45c7a659055bb3a521c90
SHA1

62a45af23e0838aa21b9d79aeb20379c02078406
SHA256

940bc2ac4f6e8be20d8883907593e39a5df2c8f14f233c6b5dc10bf11379814b
SHA512

ab783a041c12acc827c282c53062054059e7666308a93b5f6e9c067be04f8c26f3069e3efb673b839555adf7d39dd22cc173c0186cd3d14da109d9cd2fcb5d4c
SSDEEP

192:s/qT/aMYWxEbl/qlPj7E+3gsqZxbzG0vgl+v9bPQxq2C9n/LnfGOcx:aVKkstqZxby0vgl+v9bPkq2c/Luz

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

940bc2ac4f6e8be20d8883907593e39a5df2c8f14f233c6b5dc10bf11379814b
.dll windows x86

87ca0c7b5ad77f5ce2ce18a59e9ea3d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CreateThread
GetProcAddress

msvcrt

atoi
strrchr
strstr
??2@YAPAXI@Z
??3@YAXPAX@Z
memset

shell32

ShellExecuteA

user32

OpenDesktopA
SetProcessWindowStation
OpenWindowStationA
SetThreadDesktop
wsprintfA

wininet

GetUrlCacheEntryInfoA

Sections

UPX0
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE