1116f42dd289e921c7c87e727c2d6f04

General

Target

1116f42dd289e921c7c87e727c2d6f04
Size

92KB
MD5

1116f42dd289e921c7c87e727c2d6f04
SHA1

eb289dff5532a548572c63b1f268833770004681
SHA256

d37b5b81c5fb71fe472b17caa9ef889c6853f9fcf2ea396e8a8dd5db06ee9327
SHA512

847446055e413b03ce5df094806767fd4c0bd90db05a38f3848a59266ba40dc6f1737884fbbd7cfe4559affa996b78278a83400629e4d24ad0031d821ca705ad
SSDEEP

1536:vMuKc45ZD6kqyNfW6L152cBLuEjIW3yLaAfRm:UBPOkqyNFjjUEcaGRm

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1116f42dd289e921c7c87e727c2d6f04

Files

1116f42dd289e921c7c87e727c2d6f04
.exe windows:4 windows x86 arch:x86

e58b8af5babf5dbd15a6f590399d0165

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
Process32Next
CloseHandle
Process32First
CreateToolhelp32Snapshot
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
Sleep
TerminateProcess
OpenProcess
WriteFile
GetCurrentProcessId
GetLastError
CreateMutexA
ExitProcess
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
MoveFileA
GetFileAttributesA
FreeLibrary
CopyFileA
CreateProcessA
CreateDirectoryA
GetSystemDirectoryA
HeapAlloc
HeapFree
HeapReAlloc
GetModuleHandleA
GetCurrentProcess
GetSystemTimeAsFileTime
GetStartupInfoA
LoadLibraryA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapSize
SetStdHandle
FlushFileBuffers
GetLocaleInfoA
GetCPInfo
VirtualProtect
GetSystemInfo
VirtualQuery
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
RtlUnwind
InterlockedExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
SetEndOfFile
GetCommandLineA
GetProcAddress

advapi32

RegCloseKey

Sections

UPX0
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e58b8af5babf5dbd15a6f590399d0165

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

UPX0 Size: 88KB - Virtual size: 88KB

.avc Size: 2KB - Virtual size: 4KB

UPX0
Size: 88KB - Virtual size: 88KB

.avc
Size: 2KB - Virtual size: 4KB