f860781bc74c61dbf91f2befa8125ac1

General

Target

f860781bc74c61dbf91f2befa8125ac1
Size

565KB
MD5

f860781bc74c61dbf91f2befa8125ac1
SHA1

9fa42be30eebf8c0333bd67db5844a6c5845dd93
SHA256

e3c6263ff19405e755d48d9b91e1110df522885f013c72016b139e31649b9255
SHA512

742468a0ebc6ae32f6a54392f6c52eb4ccbdde7dcb14914be86305df416fda5853f15b245f4b9100a7ce9aa82fae5546ce6c60e4646fae9289ff1b789283da72
SSDEEP

6144:xIj7yByR6Hnj7S/rlzC9gK1W7KQQf91n8D/3eaaZxhyZTZfU4BABdEDaJPj5Ed7m:xkyBhUmgK6Il18D/3yMVfydEfoiDEUQ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f860781bc74c61dbf91f2befa8125ac1

Files

f860781bc74c61dbf91f2befa8125ac1
.exe windows:5 windows x86 arch:x86

f943f21329fe6e0afff3ab8e22960746

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

GetAce

comctl32

ImageList_Remove

comdlg32

GetSaveFileNameW

gdi32

LineTo

mpr

WNetGetConnectionW

ole32

CoInitialize

oleaut32

SafeArrayUnaccessData

psapi

EnumProcesses

shell32

DragFinish

user32

GetDC

userenv

LoadUserProfileW

version

VerQueryValueW

wininet

FtpOpenFileW

winmm

timeGetTime

wsock32

recv

Sections

UPX0
Size: - Virtual size: 604KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 263KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rorg
Size: 164KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f943f21329fe6e0afff3ab8e22960746

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

comctl32

comdlg32

gdi32

mpr

ole32

oleaut32

psapi

shell32

user32

userenv

version

wininet

winmm

wsock32

Sections

UPX0 Size: - Virtual size: 604KB

UPX1 Size: 263KB - Virtual size: 264KB

.rorg Size: 164KB - Virtual size: 168KB

.rsrc Size: 4KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 604KB

UPX1
Size: 263KB - Virtual size: 264KB

.rorg
Size: 164KB - Virtual size: 168KB

.rsrc
Size: 4KB - Virtual size: 8KB