0e54e8b647a7bbf82f6772fc9d440df5

Sharing

Copy URL

Twitter E-mail

General

Target

0e54e8b647a7bbf82f6772fc9d440df5
Size

938KB
MD5

0e54e8b647a7bbf82f6772fc9d440df5
SHA1

a7caf92a9bbdb5f40bf1b04ef7e03be753e5b423
SHA256

52dbc7ee036790e5834e89fed468686ab24145a63b620daf455e46001a39edde
SHA512

950628aaf2d24400eb571a36a31537aabd852ab11096c7284d17437ee4b82da8e34f6b93ea36919bd900ed43f90eca2136c0a998163de1be8fb39eb43b8f2ca1
SSDEEP

24576:Cs2uGOjh4skbSu70VHttTbZHN7fm135+WV:CsXd4skOy0VHttW13QWV

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/server.exe	upx

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/best of hack.exe
unpack001/server.exe
unpack002/out.upx

Files

0e54e8b647a7bbf82f6772fc9d440df5
.rar
best of hack.exe
.exe windows:4 windows x86 arch:x86

18a8f1cc88bfbadd72d06bfd1a86f94c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetFileAttributesA
WaitForSingleObject
GetCurrentDirectoryA
GetPrivateProfileStringA
GetTempPathA
GetModuleFileNameA
SetCurrentDirectoryA
SetFileAttributesA
CloseHandle
GetLastError
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
WriteFile
CreateFileA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteFileA
GetStringTypeW
GetFullPathNameA
GetDriveTypeA
RtlUnwind
CreateDirectoryA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
ReadFile
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
FlushFileBuffers
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
LCMapStringA
LCMapStringW
GetStringTypeA

user32

GetDlgItem
SetWindowTextA
EndDialog
LoadIconA
UpdateWindow
LoadImageA
DialogBoxParamA
MessageBoxA
SendMessageA
GetWindowTextA

shell32

ShellExecuteExA
ShellExecuteA
SHGetDesktopFolder
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
password.txt
server.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 560KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 185KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 724KB - Virtual size: 720KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18a8f1cc88bfbadd72d06bfd1a86f94c

Headers

File Characteristics

Imports

kernel32

user32

shell32

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 26KB

.rsrc Size: 8KB - Virtual size: 5KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 560KB

UPX1 Size: 185KB - Virtual size: 188KB

.rsrc Size: 3KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 724KB - Virtual size: 720KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 26KB

.rsrc
Size: 8KB - Virtual size: 5KB

UPX0
Size: - Virtual size: 560KB

UPX1
Size: 185KB - Virtual size: 188KB

.rsrc
Size: 3KB - Virtual size: 4KB

.text
Size: 724KB - Virtual size: 720KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 3KB