67493c8c557dedad36b32bdaae6f336c0ca3ffdf9fd5fa0f1eba35a93e1882af[.]bin[.]sample[.]gz

General

Target

67493c8c557dedad36b32bdaae6f336c0ca3ffdf9fd5fa0f1eba35a93e1882af.bin.sample.gz
Size

50KB
MD5

0b13cf84b7bee28f5319744736caa188
SHA1

abe04bf9d4272a70e55c9b524d83f062c724d9b6
SHA256

69d2e04fe860b6274d2d55c4077c933d67b6e986ab63dd5ca9041bd7b46797e9
SHA512

7dcbe70e1d2cacd8a37476ff3faa97450387f3427363da2b3ba2133e059b7fc1cc3e3e2837158f625d44fe59b916da8da0b33bd26790129484ff2b12a08f6f57
SSDEEP

1536:Qvem3NVKke41KNjRLfQ3r45XHC0cVi35HNcu3:Uk41KNjRTiu5t93

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/sample

67493c8c557dedad36b32bdaae6f336c0ca3ffdf9fd5fa0f1eba35a93e1882af.bin.sample.gz
.gz
sample
.exe windows x86

60ea606386f113f4a78e7ae05ed8d601

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetStartupInfoA
GetModuleFileNameA
GetTempPathA
CopyFileA
GetModuleHandleA

mfc42

ord268
ord354
ord5186
ord665
ord5773
ord5442
ord823
ord1979
ord1567
ord825

msvcp60

??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

msvcrt

fread
??1type_info@@UAE@XZ
__dllonexit
_onexit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
getc
putc
_CxxThrowException
printf
__CxxFrameHandler
fclose
fprintf
sprintf
fopen
_exit

shell32

ShellExecuteA

Sections

UPX0
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE