3ab8414d3f112f357e5597f35647a26d35aef2bb005da79e5392df532734988b

General

Target

3ab8414d3f112f357e5597f35647a26d35aef2bb005da79e5392df532734988b
Size

3.1MB
MD5

83991fbcd5aa4536cb0dff9fbf0bb02c
SHA1

29d0a9a3d2254933a3fb54a3dc652e3ead08f3f2
SHA256

3ab8414d3f112f357e5597f35647a26d35aef2bb005da79e5392df532734988b
SHA512

58b782b771fcc3ea838541d6b7e031a320bc09b5da0731582a5bc8c449f093dac0ca57b4836b8b35ecaa6b36274f05b763d4fed149a688fe29b994f06444b5b5
SSDEEP

98304:zK+VFbwFNY7zk7dnU7NPZQlE5BltEWA/w1m:z1o8M+jhhGWA/w1

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
3ab8414d3f112f357e5597f35647a26d35aef2bb005da79e5392df532734988b
unpack001/out.upx

Files

3ab8414d3f112f357e5597f35647a26d35aef2bb005da79e5392df532734988b
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

CheckPJ
GetRunC
HY_Close
HY_FreeMen
HY_GetBarCheckCode
HY_GetBarType
HY_GetLeft
HY_GetPicData
HY_GetPicData_UTF16
HY_GetPicData_UTF8
HY_GetPicHigh
HY_GetPicWidth
HY_GetRGB
HY_GetRunDir
HY_GetRunName
HY_GetRunNameA
HY_GetRunNameLenghtA
HY_GetSize_h
HY_GetSize_w
HY_GetTop
HY_GetVariable
HY_GetVariableLenght
HY_GetVariableName
HY_GetVariableNameA
HY_GetVariableNameA1
HY_GetVariableNameA2
HY_GetVariableNameEx
HY_GetVariableNameEx_P
HY_GetVariableNameLenghtA
HY_GetVariableNameLenghtA1
HY_GetVariableNameLenghtA2
HY_GetVariableName_P
HY_Initialization
HY_IsPrinting
HY_IsReg
HY_LabelBackColor
HY_LabelShape
HY_MsgBoxC
HY_OpenLax
HY_OpenLaxPw
HY_Pic_FreeMen
HY_Pic_bin
HY_Print
HY_PrintEx
HY_PrintPic
HY_PrintSet
HY_Print_NULL
HY_SaveLax
HY_SerPicDisplay
HY_SetBarcodeErrCheck
HY_SetColor1D
HY_SetColor2D
HY_SetColorTXT
HY_SetDataSource_Access
HY_SetDataSource_DBF
HY_SetDataSource_Excel
HY_SetDataSource_MySQL
HY_SetDataSource_Oracle
HY_SetDataSource_SQLServer
HY_SetDataSource_Sqlite
HY_SetDataSource_TXT
HY_SetDataTxtArray
HY_SetErrTip
HY_SetLeft
HY_SetPicFont
HY_SetSize
HY_SetTextList
HY_SetTop
HY_SetTrim
HY_SetVariable
HY_SetVariable2
HY_SetVariable_Array
HY_SetVariable_Array_UTF8
HY_SetVariable_Array_UTF8_P
HY_SetVariable_UTF16
HY_SetVariable_UTF16_P
HY_SetVariable_UTF8
HY_SetVariable_UTF8_P
d_mm
mm_d_
mm_d_dpi
�򿪱�ǩ�ļ�
��ƵĿ�խ��
ȡMOD_36
ȡ��ǰDPI_milת��ֵ
ȡ��ǰDPI��MIL
��ش�ӡ��ܽӿ�

Sections

UPX0
Size: - Virtual size: 7.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 211KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 299KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 7.7MB

UPX1 Size: 2.9MB - Virtual size: 2.9MB

.rsrc Size: 211KB - Virtual size: 212KB

Headers

File Characteristics

Sections

.text Size: 6.4MB - Virtual size: 6.4MB

.rdata Size: 1.7MB - Virtual size: 1.7MB

.data Size: 1.3MB - Virtual size: 1.9MB

.rsrc Size: 208KB - Virtual size: 207KB

.reloc Size: 299KB - Virtual size: 298KB

UPX0
Size: - Virtual size: 7.7MB

UPX1
Size: 2.9MB - Virtual size: 2.9MB

.rsrc
Size: 211KB - Virtual size: 212KB

.text
Size: 6.4MB - Virtual size: 6.4MB

.rdata
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 1.3MB - Virtual size: 1.9MB

.rsrc
Size: 208KB - Virtual size: 207KB

.reloc
Size: 299KB - Virtual size: 298KB