pupyx86d[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

pupyx86d.exe
Size

4.9MB
MD5

7b3174df6b1900c0cc169bb2af09dee6
SHA1

1a8892fef760c9614768d290187a4ea285a52ec5
SHA256

1f8b2970b6ef7fe977f303010bce82a45b38ce592df284c12b287c8aa552b973
SHA512

95c0c2484946c2a1e2f8abad86ea7f8fa96cb4d2d655145c91e9bedf5948d68e28ef34314a9469231b3dac5ca4bb3e2622434bb7995221251fe390420f992ff6
SSDEEP

98304:5RcK/oMZqW8mHe+9js510BFM43xUt0b6S8PCCvBXxLxL8W7fvHVJ:/FJkWfVM0BCWgS8Pz19B8Mv1

Score

1^/10

Malware Config

Signatures

Files

pupyx86d.exe
.exe windows x86

1ac5cfbe68f5195f2b13de5f5f9b218c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyWindow
RegisterClassExA
MsgWaitForMultipleObjects
TranslateMessage
UnregisterClassA
CreateWindowExA
PeekMessageA
DefWindowProcA
DispatchMessageA

advapi32

CreateProcessAsUserA

kernel32

SetEndOfFile
SetStdHandle
SetFilePointer
ReadFile
IsBadReadPtr
AttachConsole
FreeLibrary
VirtualFree
VirtualQueryEx
OpenProcess
Thread32First
Thread32Next
GetLastError
SetLastError
GetProcAddress
VirtualAlloc
VirtualProtectEx
VirtualAllocEx
LoadLibraryA
OpenThread
CreateToolhelp32Snapshot
GetVersionExA
CloseHandle
WriteProcessMemory
ResumeThread
GetCurrentThreadId
CreateThread
CreateRemoteThread
GetModuleHandleA
GetThreadContext
SetThreadContext
CreateProcessA
TerminateProcess
CreatePipe
FindResourceA
GetModuleHandleExA
FindResourceExW
FindResourceW
LoadResource
LoadLibraryExW
GetModuleHandleExW
GetModuleHandleW
InitializeCriticalSection
FindResourceExA
WideCharToMultiByte
LoadLibraryW
SizeofResource
LeaveCriticalSection
GetModuleFileNameW
MultiByteToWideChar
EnterCriticalSection
LocalAlloc
GetModuleFileNameA
LoadLibraryExA
LocalFree
CreateFileA
GetNativeSystemInfo
lstrlenA
MapViewOfFile
UnmapViewOfFile
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
GetThreadLocale
CreateFileMappingA
VirtualProtect
GetCommandLineW
SetErrorMode
GetCurrentProcess
GetTempFileNameA
GetTempPathA
GetCommandLineA
GetStartupInfoA
Sleep
ExitProcess
HeapReAlloc
SetConsoleCtrlHandler
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RtlUnwind
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

Exports

Exports

_ReflectiveLoader@4

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xzdata
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ac5cfbe68f5195f2b13de5f5f9b218c

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 117KB - Virtual size: 117KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 279KB - Virtual size: 285KB

.xzdata Size: 4.5MB - Virtual size: 4.5MB

.text
Size: 117KB - Virtual size: 117KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 279KB - Virtual size: 285KB

.xzdata
Size: 4.5MB - Virtual size: 4.5MB