07d8066bb87095d43e295519847528e3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07d8066bb87095d43e295519847528e3
Size

260KB
MD5

07d8066bb87095d43e295519847528e3
SHA1

19c010ba1c0c042cde200591250ed2cdc4d5c03a
SHA256

866c3bb4d6d613e45d2aadd5bda2f8f4ce8bb4d6951f5a24c654f21a965bc256
SHA512

269602a98d73b0353c8b9d540a3b40f2206530392d4d7521362cd66ee1e1b9ce8cf387be74f1760e855410cc8a8d515b87b0e630d51ac0326a39d3a541ee74f2
SSDEEP

3072:CHt0oguZQAz8vNArFLQIvTh3+SLtiODrcLAivy2joyo:emgFgv2BvTZLMO0L2Un

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07d8066bb87095d43e295519847528e3

Files

07d8066bb87095d43e295519847528e3
.exe windows:9 windows x86 arch:x86

b14b211bf6381d557fb4e68196b2b739

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
BackupRead
VirtualAlloc
ExpandEnvironmentStringsA
CreateDirectoryW
CompareStringW
FindFirstFileA
FreeLibrary
FileTimeToSystemTime
FindNextFileA
ExpandEnvironmentStringsW
GetCommandLineA
CreateFileA
FormatMessageA
DeviceIoControl
CloseHandle
FileTimeToLocalFileTime
FindNextFileW
CreateThread
DeleteFileA
ExitProcess
CompareStringA
CreateDirectoryA
SetSystemTime
FlushFileBuffers

advapi32

SetNamedSecurityInfoA

imm32

ImmSimulateHotKey

secur32

AcceptSecurityContext

shell32

SHPathPrepareForWriteW

user32

MessageBoxA
ExitWindowsEx
CharUpperW
OemToCharA
CharLowerW
CharUpperA
CharLowerA
LoadStringA
GetScrollBarInfo
CharToOemA
CharToOemBuffA

Sections

UPX0
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE