f8825b22a2ce9b0bc71e1e4bd4856e7f

Sharing

Copy URL

Twitter E-mail

General

Target

f8825b22a2ce9b0bc71e1e4bd4856e7f
Size

1.0MB
MD5

f8825b22a2ce9b0bc71e1e4bd4856e7f
SHA1

cd9636ec64b182ab32bd812e494d9b9e6adf9976
SHA256

5cce7edf03dcde21fc0330213930edeec1ae4118130cf9d0af2757812980be58
SHA512

ef07c735d3d3754b5364bbd6abf58590747f9e85a1434d2c5a9cc664b5b3f7e2421f28afdd3532b6e3a5f03c8c6e7b99a599abb9baca8355a596fbf51d015387
SSDEEP

24576:DiPtyOE7oU5+Buxi5TFKBDtO24N+ioS8SeCGCD+D:S87Xi5TkHO24N+S8Oy

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8825b22a2ce9b0bc71e1e4bd4856e7f

Files

f8825b22a2ce9b0bc71e1e4bd4856e7f
.dll windows:5 windows x86 arch:x86

2100b5b9b91fd961d1474d6daac8c1ae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc90

ord801

msvcr90

_crt_debugger_hook

kernel32

CreateThread
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

GetForegroundWindow
MessageBoxA

shlwapi

StrCmpNA

Exports

Exports

DLLaction

Sections

.text
Size: - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

UPX0
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UPX1
Size: - Virtual size: 955KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UPX2
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2100b5b9b91fd961d1474d6daac8c1ae

Headers

DLL Characteristics

File Characteristics

Imports

mfc90

msvcr90

kernel32

user32

shlwapi

Exports

Exports

Sections

.text Size: - Virtual size: 33KB

.rdata Size: - Virtual size: 6KB

.data Size: - Virtual size: 327KB

.rsrc Size: 2KB - Virtual size: 1KB

UPX0 Size: - Virtual size: 4KB

UPX1 Size: - Virtual size: 955KB

UPX2 Size: 1.0MB - Virtual size: 1.0MB

.reloc Size: 512B - Virtual size: 288B

.text
Size: - Virtual size: 33KB

.rdata
Size: - Virtual size: 6KB

.data
Size: - Virtual size: 327KB

.rsrc
Size: 2KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 4KB

UPX1
Size: - Virtual size: 955KB

UPX2
Size: 1.0MB - Virtual size: 1.0MB

.reloc
Size: 512B - Virtual size: 288B