bf7a36f01ab6f81802f67eedbfa56c1b2e3dccdeca05ec9c132f8635d900d558

General

Target

bf7a36f01ab6f81802f67eedbfa56c1b2e3dccdeca05ec9c132f8635d900d558
Size

162KB
MD5

cfabf1f8809bbf30e9d2897ccadcf2c8
SHA1

7e7d987e74413ba8f80f8667a97e95f302d721b8
SHA256

bf7a36f01ab6f81802f67eedbfa56c1b2e3dccdeca05ec9c132f8635d900d558
SHA512

8d78aad3b2c41f6c45b23b1b5ff107ad8b437b267569c56b0f24605c9c71737e35d2774923e7688b0e04bc2c2baa30553dc0cc361da7b7901c25fba981884c66
SSDEEP

3072:OW1Uf/ryVWzMV5U8X7T/7Bz761nXlSYw/DnsOw/jqVT0Nla1S3C0/cC4cJct:GLx2U8797OXlfcnsJut0HaE3F/8t

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/NEROUE~1.EXE	upx

Files

bf7a36f01ab6f81802f67eedbfa56c1b2e3dccdeca05ec9c132f8635d900d558
.cab
NEROUE~1.EXE
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 121KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
is151287.exe
.exe windows x86

0787f246458e92de1a8253217f98bc36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawCaption
DispatchMessageA
DestroyWindow
DestroyCursor
CreateDesktopW
CreateCursor
CreateAcceleratorTableA
CharUpperBuffA
CharNextA
ChangeMenuA

kernel32

GetSystemTimeAsFileTime
lstrlenA
lstrcpynA
WriteFile
VirtualFree
UnmapViewOfFile
TlsGetValue
TlsAlloc
SetLastError
SetCurrentDirectoryA
RaiseException
CompareStringA
FlushFileBuffers
GetDateFormatA
GetModuleHandleA
GetStartupInfoA
GetSystemTime
GetVersion
GetVersionExA
InitializeCriticalSection
LoadResource
MapViewOfFile
OpenFileMappingA

Sections

.text
Size: 19KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 36KB

UPX1 Size: 121KB - Virtual size: 124KB

.rsrc Size: 1KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 96KB - Virtual size: 95KB

0787f246458e92de1a8253217f98bc36

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 19KB - Virtual size: 56KB

.data Size: 2KB - Virtual size: 4KB

.rdata Size: 39KB - Virtual size: 40KB

.idata Size: 1KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 36KB

UPX1
Size: 121KB - Virtual size: 124KB

.rsrc
Size: 1KB - Virtual size: 4KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 96KB - Virtual size: 95KB

.text
Size: 19KB - Virtual size: 56KB

.data
Size: 2KB - Virtual size: 4KB

.rdata
Size: 39KB - Virtual size: 40KB

.idata
Size: 1KB - Virtual size: 4KB