ca807b545e1b5d95572f4a3d076381c0c00c41a04920b13b20da42bc98601924

Sharing

Copy URL Twitter E-mail

General

Target

ca807b545e1b5d95572f4a3d076381c0c00c41a04920b13b20da42bc98601924
Size

296KB
MD5

6f14b687789f925248f5ce9fc4b26c32
SHA1

703eedca34a5acbb94a34103aaaf765e39051fc6
SHA256

ca807b545e1b5d95572f4a3d076381c0c00c41a04920b13b20da42bc98601924
SHA512

6ec6f45be02e70cfe43cc080a3cd07c064b2dc1d62f22d92208a67a374cfb13eb066317348bab9291bedb915871a2cc4110d17f17a57cd4d56517b7604e7d11f
SSDEEP

6144:d4I+3TdLfC/ctQJv0pMm7EV6LWHuetH5g0TS3h0fzA:dQTdectQupfLWHrr0h0f

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

ca807b545e1b5d95572f4a3d076381c0c00c41a04920b13b20da42bc98601924
.exe windows x86

896d8d03ce0666be9fa28642c25d9551

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleCount
GetStdHandle
GetFileType
WideCharToMultiByte
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapSize
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
ReadFile
InterlockedDecrement
InterlockedIncrement
SetStdHandle
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
IsBadReadPtr
IsBadCodePtr
CreateFileA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetEndOfFile
DeleteCriticalSection
MultiByteToWideChar
InitializeCriticalSection
FlushFileBuffers
WriteFile
GetLastError
RaiseException
GetVersion
GetCommandLineA
GetStartupInfoA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
HeapFree
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
TerminateProcess
ExitProcess
GetModuleFileNameA
GetTempPathA
Sleep
GetTickCount
GetModuleHandleA
WaitForSingleObject
CloseHandle
CreateThread
FreeLibrary
LoadLibraryA
GetProcAddress
SetUnhandledExceptionFilter

user32

LoadIconA
SetWindowLongA
DefWindowProcA
CreateWindowExA
MoveWindow
GetWindowRect
DefMDIChildProcA
DefDlgProcA
ShowWindow
SystemParametersInfoA
SetWindowPos
PostQuitMessage
SetWindowTextA
RegisterClassA
MessageBoxA
GetClassInfoA
GetParent
BeginPaint
EndPaint
ReleaseCapture
DrawTextA
IntersectRect
IsRectEmpty
LoadCursorA
SetCursor
SendMessageA
SetCapture
GetScrollInfo
ScrollWindow
SetScrollInfo
GetWindowLongA
GetSystemMetrics
PostMessageA
GetClientRect
UpdateWindow
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
SetTimer
KillTimer
ShowCursor
DestroyWindow
FillRect
ReleaseDC
InvalidateRect
GetDC

gdi32

SelectPalette
CreatePalette
DeleteObject
GetDeviceCaps
GetSystemPaletteEntries
DeleteDC
StretchDIBits
SelectObject
CreateCompatibleDC
CreateDIBSection
SetStretchBltMode
SetROP2
PatBlt
LineTo
MoveToEx
CreatePen
CreateFontIndirectA
CreateSolidBrush
BitBlt
GdiFlush
SetBkMode
SetTextColor
SetViewportExtEx
SetWindowExtEx
SetMapMode
GetObjectA
SetBkColor
RealizePalette

ole32

CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

896d8d03ce0666be9fa28642c25d9551

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

Sections

.text Size: 148KB - Virtual size: 146KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 20KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 2KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 148KB - Virtual size: 146KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 20KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 2KB

.UPX0
Size: 108KB - Virtual size: 260KB