c3f498de6a2c7c19a61e4e0c7817febdcffb1f483ff049ee335ef9dd6efd6511

Sharing

Copy URL Twitter E-mail

General

Target

c3f498de6a2c7c19a61e4e0c7817febdcffb1f483ff049ee335ef9dd6efd6511
Size

205KB
MD5

011ae455c3341a6484a71b796bc881f4
SHA1

6db7efaea2234c82534e7cd67bebf848a27bbd45
SHA256

c3f498de6a2c7c19a61e4e0c7817febdcffb1f483ff049ee335ef9dd6efd6511
SHA512

1319b833d4ea2df98f3ba3282644076b9e1c83ad5fdcf354f4c44a89858920f6fcf9439fb8b5ffc32efc11ef1c084252fd7530aec1d9ec278c4325d4b7102b1f
SSDEEP

1536:11ksh3mhjdYd2DfCwoqTg+SZ/KbmJJJ655ZZoIWlCgvBbr4qT:1YhjdYd2DfCBH1hJJJ655ZZodkMT

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c3f498de6a2c7c19a61e4e0c7817febdcffb1f483ff049ee335ef9dd6efd6511

Files

c3f498de6a2c7c19a61e4e0c7817febdcffb1f483ff049ee335ef9dd6efd6511
.exe windows x64

fcc159de355298baa0e5bc0f86ba2c90

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
GetStartupInfoA
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__C_specific_handler
___lc_codepage_func
___mb_cur_max_func
__initenv
__iob_func
__getmainargs
__lconv_init
__set_app_type
_acmdln
__setusermatherr
_amsg_exit
_cexit
_commode
_fmode
_errno
memcpy
memset
srand
_initterm
_lock
_onexit
_time64
_unlock
abort
calloc
exit
fprintf
fputc
free
fwrite
localeconv
malloc
rand
signal
strerror
strlen
strncmp
vfprintf
wcslen

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.VMP
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fcc159de355298baa0e5bc0f86ba2c90

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 32KB - Virtual size: 31KB

.data Size: 512B - Virtual size: 288B

.rdata Size: 3KB - Virtual size: 3KB

.pdata Size: 1KB - Virtual size: 1KB

.xdata Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 2KB

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 144B

.VMP Size: 101KB - Virtual size: 101KB

.UPX Size: 24KB - Virtual size: 24KB

.text
Size: 32KB - Virtual size: 31KB

.data
Size: 512B - Virtual size: 288B

.rdata
Size: 3KB - Virtual size: 3KB

.pdata
Size: 1KB - Virtual size: 1KB

.xdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 144B

.VMP
Size: 101KB - Virtual size: 101KB

.UPX
Size: 24KB - Virtual size: 24KB