28e75cdff480b46a24620fa902af85161c42bd36abf002fff0f4ea18d33a4bae

General

Target

28e75cdff480b46a24620fa902af85161c42bd36abf002fff0f4ea18d33a4bae
Size

643KB
MD5

04d3391fedb9d57adc930b893aa70352
SHA1

e86ce824fe1cc20d16ba986bf23fee0c1e94a858
SHA256

28e75cdff480b46a24620fa902af85161c42bd36abf002fff0f4ea18d33a4bae
SHA512

f120073bda8da2c116e43023dfa454397173d2e43069c21deac763861a89742689693cccc84e8826d576950ac41f0ff81c8b1166bf70c1ce30c0d28d85de5da1
SSDEEP

12288:HFX1pYSjVtXkgNXA6tlis0BlH/7loIhFqVHhc+j1t4G8n5p3:HFX1pYSP3hAUUs0Tho++Bj1Ap

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28e75cdff480b46a24620fa902af85161c42bd36abf002fff0f4ea18d33a4bae

Files

28e75cdff480b46a24620fa902af85161c42bd36abf002fff0f4ea18d33a4bae
.exe windows x86

8864948b624a33b260714f546b0b4009

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
CreateThread
DeleteFileA
ExitProcess
ExitThread
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetTempFileNameA
GetTempPathA
GetVersionExA
LoadLibraryA
LoadLibraryExA
OpenProcess
WriteProcessMemory
VirtualAlloc
VirtualFree
WriteFile

Sections

UPX0
Size: - Virtual size: 676KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 97KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pe
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX0
Size: - Virtual size: 764KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 420KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8864948b624a33b260714f546b0b4009

Headers

File Characteristics

Imports

kernel32

Sections

UPX0 Size: - Virtual size: 676KB

UPX1 Size: 97KB - Virtual size: 100KB

.rsrc Size: 110KB - Virtual size: 112KB

.pe Size: 1024B - Virtual size: 4KB

UPX0 Size: - Virtual size: 764KB

UPX1 Size: 420KB - Virtual size: 424KB

.rsrc Size: 6KB - Virtual size: 8KB

pebundle Size: 8KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 676KB

UPX1
Size: 97KB - Virtual size: 100KB

.rsrc
Size: 110KB - Virtual size: 112KB

.pe
Size: 1024B - Virtual size: 4KB

UPX0
Size: - Virtual size: 764KB

UPX1
Size: 420KB - Virtual size: 424KB

.rsrc
Size: 6KB - Virtual size: 8KB

pebundle
Size: 8KB - Virtual size: 8KB