c9bad8a68f4a9644c9a1b5669dcb36b343f15ac21578c5b44fef64b630533606 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c9bad8a68f4a9644c9a1b5669dcb36b343f15ac21578c5b44fef64b630533606
Size

79KB
MD5

e6e809a7028aa3f0419385d4ab4d3b13
SHA1

09f60c7867da4c6a125bb42eeb9252fb065e55dd
SHA256

c9bad8a68f4a9644c9a1b5669dcb36b343f15ac21578c5b44fef64b630533606
SHA512

20843271737a7c70cb00b006900221c4b7bb4c206d63388e31c3dd92fe158a9a3be07985dbc3222cdfd8f1200dd515e96c4a136699d9e4c2b433db812818f674
SSDEEP

1536:nYqLXTtQRPegy72qndkAo6Q7QDv2dh3XjFahy39jiXRpCvs1W5S+k:YMyRePJkAo6QsiDttjiBcE1H+k

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c9bad8a68f4a9644c9a1b5669dcb36b343f15ac21578c5b44fef64b630533606
.dll windows x86

267a729c41804ed14136723ca19e1811

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnableScrollBar
DrawMenuBar
DeleteMenu
CharUpperA
BeginPaint

kernel32

GetLocalTime
lstrcmpiA
lstrcmpA
TlsSetValue
SetLastError
SetCurrentDirectoryA
EnterCriticalSection
ExitProcess
FlushFileBuffers
GetCommandLineA
GetDateFormatA
GetVersion
GetVersionExA
LoadLibraryA
LocalAlloc
RaiseException

Sections

.text
Size: 21KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ