50752d2cf5da6f272e1ac9c9323976db45120656aa401780d4a3d0ba02aa7d2d

Sharing

Copy URL

Twitter E-mail

General

Target

50752d2cf5da6f272e1ac9c9323976db45120656aa401780d4a3d0ba02aa7d2d
Size

560KB
MD5

e45640f1f4bb1f630c9ec7879d9062f6
SHA1

838e5c0c045f60f02d460ecca5b5d161dcbdd6e2
SHA256

50752d2cf5da6f272e1ac9c9323976db45120656aa401780d4a3d0ba02aa7d2d
SHA512

8d0e7a4979a2168e1f67fbfc9ff3434c6387b9f695dc9cac7de03042e7cb438e1c62dc559672c73124f37d95ca322337196198fe4b1fda81e091db9f3d236dd6
SSDEEP

12288:k/xki3lVfRqmZ+lC0tj6Cc5jt0j5ftRASUKjY:kTzWtjJ8jtoRAUY

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

50752d2cf5da6f272e1ac9c9323976db45120656aa401780d4a3d0ba02aa7d2d
.exe windows x86

eec9d00c32faa761f7b7205ee3fc0c43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

TransparentBlt
GradientFill
AlphaBlend

kernel32

GetModuleFileNameA
GetStartupInfoA
GetVersionExA
HeapDestroy
HeapCreate
GetFileType
GetEnvironmentVariableA
VirtualFree
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
IsBadCodePtr
SetHandleCount
GetCommandLineA
GetStdHandle
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
LoadResource
LockResource
GlobalHandle
GlobalUnlock
GlobalFree
LoadLibraryW
GetProcAddress
CreateFileW
CloseHandle
GetEnvironmentStringsW
GetCommandLineW
GetEnvironmentStrings
UnhandledExceptionFilter
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetTimeZoneInformation
HeapSize
GetSystemTime
TerminateProcess
ExitProcess
RaiseException
RtlUnwind
GetStartupInfoW
WritePrivateProfileStringW
GlobalFlags
SetErrorMode
GetProcessVersion
TlsSetValue
TlsGetValue
LocalReAlloc
LocalAlloc
TlsFree
TlsAlloc
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
InitializeCriticalSection
GlobalGetAtomNameW
GlobalFindAtomW
GetVersion
GlobalAddAtomW
GetModuleHandleW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
FreeLibrary
GetFileAttributesW
LocalFree
lstrcmpiW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
MulDiv
GetModuleHandleA
GetLastError
SetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
CreateFileA
HeapReAlloc
HeapFree
GetProcessHeap
HeapAlloc
GetComputerNameW
GetTimeFormatW
GetLocaleInfoW
GetLocalTime
GetSystemDefaultLCID
GetModuleFileNameW
CreateFileMappingW
lstrcpynA
GetFileSize
SetFilePointer
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindResourceExW
lstrcpyW
OpenFileMappingW
MapViewOfFile
lstrcatW
GlobalReAlloc
lstrlenW
WriteFile
GlobalSize
GlobalLock
GlobalAlloc
lstrcmpW
ReadFile
UnmapViewOfFile
lstrcpynW
GetDateFormatW
GetSystemDefaultLangID
FindResourceW
IsBadReadPtr
GetCPInfo

user32

GetClassNameW
BringWindowToTop
InvalidateRect
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuW
DestroyMenu
GetDesktopWindow
ReleaseCapture
TranslateAcceleratorW
LoadAcceleratorsW
ShowWindow
SetWindowTextW
IsDialogMessageW
LoadIconW
UpdateWindow
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
DeferWindowPos
GetClientRect
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextW
GetDlgCtrlID
DefWindowProcW
CreateWindowExW
SetPropW
GetPropW
GetMessageTime
GetMessagePos
PtInRect
SetForegroundWindow
GetWindow
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
SystemParametersInfoW
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
MessageBoxW
SetCursor
ShowOwnedPopups
SendMessageW
GetSystemMetrics
CharUpperW
GrayStringW
DrawTextW
TabbedTextOutW
ClientToScreen
ScreenToClient
UnhookWindowsHookEx
GetDC
ReleaseDC
TranslateMessage
DispatchMessageW
FindWindowW
PostMessageW
PeekMessageW
SetTimer
KillTimer
EnableWindow
PostQuitMessage
OffsetRect
DrawTextExW
GetSysColorBrush
LoadCursorW
RemovePropW
CallWindowProcW
GetForegroundWindow
EqualRect
LoadStringW
SetRect
CopyRect
SetRectEmpty
wsprintfW
CharNextW
IsWindow
CreateDialogIndirectParamW
IsIconic
UnregisterClassW

gdi32

DeleteColorSpace
LPtoDP
Rectangle
GetStockObject
GetDeviceCaps
EndDoc
StartDocW
ResetDCW
SetAbortProc
CreateDCW
ExtSelectClipRgn
SetICMMode
StartPage
EndPage
AbortDoc
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
GetMapMode
GetObjectW
CreateBrushIndirect
CreateSolidBrush
CreatePen
GetTextExtentPoint32W
GetTextMetricsW
Polygon
Ellipse
FillPath
EndPath
BeginPath
StretchBlt
BitBlt
SetViewportOrgEx
PatBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontW
GetEnhMetaFileHeader
GetEnhMetaFileW
PlayEnhMetaFile
DeleteMetaFile
PlayMetaFile
SetMetaFileBitsEx
CreatePalette
GetEnhMetaFilePaletteEntries
SetWinMetaFileBits
SetViewportExtEx
SetWindowExtEx
StretchDIBits
SetStretchBltMode
SelectPalette
SetICMProfileW
GetICMProfileW
CloseFigure
PolyBezier
MoveToEx
ExtCreatePen
SetMiterLimit
CreateFontIndirectW
AddFontResourceW
StrokePath
StrokeAndFillPath
DeleteObject
PaintRgn
CreateRectRgn
MaskBlt
SetDIBits
CreateBitmap
SetBrushOrgEx
CreateBitmapIndirect
GetColorAdjustment
PlgBlt
ExtEscape
GetBitmapBits
CreatePatternBrush
GetSystemPaletteEntries
DeleteDC
RestoreDC
SelectObject
SaveDC
SetBkMode
SetPolyFillMode
SetBkColor
SetTextColor
SetMapMode
SetROP2
ScaleViewportExtEx
SetWindowOrgEx
OffsetViewportOrgEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
LineTo
SetTextAlign
GetCurrentPositionEx
PolylineTo
SetColorAdjustment
GetClipRgn
SelectClipPath
PolyBezierTo
CreateDIBPatternBrushPt
PtVisible
TextOutW
ExtTextOutW
RectVisible
Escape
DPtoLP
DeleteEnhMetaFile
CreateRectRgnIndirect

comdlg32

GetFileTitleW

winspool.drv

GetJobW
SetJobW
OpenPrinterW
ClosePrinter
DocumentPropertiesW
GetPrinterDriverW

advapi32

RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
GetUserNameW
RegCloseKey

shell32

DragFinish
DragQueryFileW

comctl32

ord17

Sections

.text
Size: 308KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 104KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eec9d00c32faa761f7b7205ee3fc0c43

Headers

File Characteristics

Imports

msimg32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 308KB - Virtual size: 305KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 60KB - Virtual size: 73KB

.rsrc Size: 40KB - Virtual size: 37KB

.UPX0 Size: 104KB - Virtual size: 252KB

.text
Size: 308KB - Virtual size: 305KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 60KB - Virtual size: 73KB

.rsrc
Size: 40KB - Virtual size: 37KB

.UPX0
Size: 104KB - Virtual size: 252KB