cbc7d11b8ff41debeb394a1cd58b3b50e156650dd91ec6eec4cb1add297f81c4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cbc7d11b8ff41debeb394a1cd58b3b50e156650dd91ec6eec4cb1add297f81c4
Size

234KB
MD5

109a80304d7245de986d093e0c5a47a2
SHA1

9f467129c767b4cb4385e1c906fc2ef9c8f0f209
SHA256

cbc7d11b8ff41debeb394a1cd58b3b50e156650dd91ec6eec4cb1add297f81c4
SHA512

a0cbf8787b133e62edc83d0fb96f446460dea962e0883d718529825d53fb62a13e707827a2be82f48372542b6e4f008703c5dcb70b0a9b75a731ebcbfabedeff
SSDEEP

6144:Sci6mQzxNqWCf1Of73tJxjbTFMYGHTM4CO/m:SciU9WC

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

cbc7d11b8ff41debeb394a1cd58b3b50e156650dd91ec6eec4cb1add297f81c4
.dll windows x86

e674a1476ecf4ab007d885d442934687

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFiber
lstrcmpA
GetLocalTime
GetCommMask
IsBadCodePtr
SetLastConsoleEventActive
GetSystemDefaultLangID
VirtualAlloc
SetSystemTime
AddAtomA
GetDateFormatA
GetAtomNameA
SetCurrentDirectoryA
SetUnhandledExceptionFilter
GetFileType
GetLargestConsoleWindowSize
SetTapePosition
lstrcat
OpenFileMappingW
ConsoleMenuControl

gdi32

GdiGetBatchLimit
GetObjectA
PlayMetaFile
GetPixel
SelectClipPath
GetTextFaceA
GdiConvertBitmap
SetColorAdjustment
GetWindowOrgEx
EqualRgn
UpdateColors
Escape
PolyPolyline
GdiGetLocalBrush
GetHFONT
GdiPlayEMF
UpdateICMRegKeyA
SetArcDirection
StartDocW
RestoreDC
CreateICA
GdiComment
GetCharWidthFloatW
CancelDC
SetBitmapBits
GetWinMetaFileBits
GetTextExtentPointW
EndDoc

user32

DdeFreeDataHandle
DrawMenuBar
ReuseDDElParam
OemToCharBuffA
DefWindowProcW
ReleaseCapture
LoadMenuW
GetKeyboardType
SetProcessWindowStation
GetDCEx
GetClassWord
UpdatePerUserSystemParameters
EnumDesktopsW
GetAppCompatFlags

Sections

UPX0
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE