259b15c6fdffe92cfac279bc1f1460a7

General

Target

259b15c6fdffe92cfac279bc1f1460a7
Size

47KB
MD5

259b15c6fdffe92cfac279bc1f1460a7
SHA1

aa81648a59033982d28c7c493f2a9de87b564e5d
SHA256

060e816b7532ce069f5d0b9ef3e786276d30821b176d223cdda15ebf09e3f149
SHA512

3a3b66834810173f100f0c6fc530b5fff82db0ba4a212c892d43a7afde60f532fd82cef86d8ce903f95b25909454e554b7fc77fbc4168b8565a74f81c23337fa
SSDEEP

768:w2WzPFHTSkAG46DMQYS7dUwDSf3+8v66br5vBdD:vAQ6hudvX

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
259b15c6fdffe92cfac279bc1f1460a7

Files

259b15c6fdffe92cfac279bc1f1460a7
.exe windows:4 windows x86 arch:x86

7dcebaa227bde3374d4f81a16b567982

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
WriteFile
CreateFileA
DeleteFileA
LockResource
LoadResource
SizeofResource
FindResourceA
CopyFileA
WaitForSingleObject
SetThreadPriority
CreateThread
GetWindowsDirectoryA
GetSystemDirectoryA
ExitProcess
GetModuleFileNameA
Sleep
CreateEventA
OpenEventA
VirtualProtectEx
WriteProcessMemory
Process32Next
Process32First
CreateToolhelp32Snapshot
GetTickCount
VirtualAllocEx
VirtualFreeEx
LoadLibraryA
FreeLibrary
OpenProcess
GetCurrentProcess
GetModuleHandleA
GlobalAlloc
GlobalLock
ReadProcessMemory
GetProcAddress
GlobalUnlock
GlobalFree
CreateRemoteThread
GetShortPathNameA
CloseHandle

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey

msvcrt

rand
srand
_stricmp
memcpy
strcpy
memset
strcat
strlen

user32

FindWindowA
GetWindow
GetWindowTextA
PostMessageA

winmm

mixerGetLineInfoA
mixerOpen
mixerSetControlDetails
mixerGetLineControlsA
mixerGetControlDetailsA

Sections

UPX0
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7dcebaa227bde3374d4f81a16b567982

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

user32

winmm

Sections

UPX0 Size: 44KB - Virtual size: 44KB

.rsrc Size: 512B - Virtual size: 4KB

.avc Size: 1KB - Virtual size: 4KB

UPX0
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 512B - Virtual size: 4KB

.avc
Size: 1KB - Virtual size: 4KB