373b716c8579d157459e7f3494b7671b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

373b716c8579d157459e7f3494b7671b
Size

2.4MB
MD5

373b716c8579d157459e7f3494b7671b
SHA1

25e4b815b0e5e6c73128c99456a1ad8beda61062
SHA256

25a0d884a83cd6e0f8d52e3c533f3dadf54747595e40be82708fc2d4974ad2c5
SHA512

1ab4758afcd46c3412de390165cced8b807d16a48c0f0cc49692920456e63f4b4aad900ee6dcd96c7d00621f5ffa8e4be099bbed6acc880afef95a49da60acd8
SSDEEP

49152:ACUJyaV89TFnfQNIa3QTTXWuLx882PO5GW5x5SZZqSC9w7:1udQTFnVWqxH8GnkEls

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
373b716c8579d157459e7f3494b7671b

Files

373b716c8579d157459e7f3494b7671b
.exe windows:4 windows x86 arch:x86

8b78958f7c3f6c977439ba7f2a8e7f6f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

pSetupWriteLogError
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

GetAtomNameW
GetFileAttributesA
FlushFileBuffers
GetVolumeInformationW
GetVersionExW
LockFile
SearchPathW
FindResourceExA
EnumResourceNamesA
GetFileType
FileTimeToSystemTime
IsDBCSLeadByte
GetProfileStringW
SetEndOfFile
CompareStringW
CreateHardLinkW
GetFileTime
GetUserDefaultLangID
FileTimeToLocalFileTime
UnlockFile
GetSystemDirectoryW

ole32

CoInitializeSecurity
CoTaskMemRealloc
StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
StringFromCLSID
CoCreateInstance
IIDFromString
OleUninitialize

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

UPX0
Size: 144KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE