Dokumenter[.]docx_dump_SCY[.]exe

General

Target

Dokumenter.docx_dump_SCY.exe
Size

223KB
MD5

9c849023bb3b51ee9a744d877ef128dd
SHA1

28048b2f5c87653012ff7df89776253201bdef32
SHA256

3665876767faa2d3daf5e4fe9732afd1abf5dcc5556cd4248cf627dc426a0648
SHA512

71e192ecbf01d5ec976faad1c46dcd9c047b7ab543a09e85a347308f1174eb574d214474786d7e04a00ea71d985c7a3f93329b0e866336a90f839772193b174f
SSDEEP

6144:luFGHj+QpGOW0hx6G9HB6SVAwajzjZV3pvFzDdbIE:UCG

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

Dokumenter.docx_dump_SCY.exe
.exe windows x86

c2a28209186cddafc8c58aa62ff7fb0b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

comctl32

InitCommonControlsEx

comdlg32

GetSaveFileNameA

?

?
?
?
?
?

gdi32

DeleteDC
SelectObject

kernel32

CloseHandle
CreateFileA
CreateThread
DeleteFileA
ExitProcess
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetThreadLocale
ReadFile
SetFilePointer
SetUnhandledExceptionFilter
WriteFile

msvcrt

_mbsdup
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
_strnicmp
atexit
free
malloc
memcpy
memset
realloc
signal
_mbscat
_mbscpy
strlen

shell32

ShellExecuteA

user32

BeginPaint
CreateWindowExA
DialogBoxParamA
EndPaint
GetClientRect
GetDlgItemTextA
GetSystemMetrics
LoadBitmapA
LoadImageA
PostQuitMessage
SendMessageA
SetDlgItemTextA
SetWindowTextA

Sections

UPX0
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SCY
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c2a28209186cddafc8c58aa62ff7fb0b

Headers

File Characteristics

Imports

comctl32

comdlg32

?

gdi32

kernel32

msvcrt

shell32

user32

Sections

UPX0 Size: 188KB - Virtual size: 188KB

UPX1 Size: 28KB - Virtual size: 28KB

.rsrc Size: 5KB - Virtual size: 8KB

.SCY Size: 1KB - Virtual size: 4KB

UPX0
Size: 188KB - Virtual size: 188KB

UPX1
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 5KB - Virtual size: 8KB

.SCY
Size: 1KB - Virtual size: 4KB