3bbc61ff6bf05dd19e40f371ef34cfe2

Sharing

Copy URL

Twitter E-mail

General

Target

3bbc61ff6bf05dd19e40f371ef34cfe2
Size

135KB
MD5

3bbc61ff6bf05dd19e40f371ef34cfe2
SHA1

bfa00cc0b6653f8ed6ec7b77711d4a23fb7c6856
SHA256

d26d7b93ae50d2daa03941f2f00af4a0c225a5d1584c0dd101a5d821aea92999
SHA512

c377d18428ae214559c7128f54ad5525fdb670bee2bf3a8bfe6412c3670ab9626a2d6d1745af5c131075353219dc332497f0cf00796bc96a4aa3d9c285587315
SSDEEP

3072:WcEbV3EugiGNbnKTbCeOWD90o6ap+TMNOIczUntLRYhdfdwIjfQYGuYp:zEbVA59KTbNPl+TMQIgwtLOzfdD7Op

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/SSWv6.90.exe	upx

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SSWv6.90.dll
unpack001/SSWv6.90.exe
unpack002/out.upx

Files

3bbc61ff6bf05dd19e40f371ef34cfe2
.zip
SSWv6.90.dll
.dll windows:4 windows x86 arch:x86

b076ef3b94d2fed7db26250fa62ddc3b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
VirtualProtect

user32

GetAsyncKeyState
GetSystemMetrics

opengl32

glColor4f
glGetFloatv
glDepthRange
glClearColor
glPolygonOffset
glVertex2f
glVertex3fv
glViewport
glTexEnvi
glDisable
glEnable
glBlendFunc
glColor4ub
glLineWidth
glBegin
glVertex2i
glEnd
glClear

msvcrt

_adjust_fdiv
_initterm
free
strcmp
malloc
memcpy
time
srand
rand
memset

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SSWv6.90.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 127KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SSWv6.90.txt
_help.url
_read.txt

Sharing

General

Malware Config

Signatures

Files

b076ef3b94d2fed7db26250fa62ddc3b

Headers

File Characteristics

Imports

kernel32

user32

opengl32

msvcrt

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 872B

.data Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 500B

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 36KB

UPX1 Size: 127KB - Virtual size: 128KB

.rsrc Size: 8KB - Virtual size: 12KB

Headers

File Characteristics

Sections

.text Size: 16KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 132KB - Virtual size: 129KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 872B

.data
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 500B

UPX0
Size: - Virtual size: 36KB

UPX1
Size: 127KB - Virtual size: 128KB

.rsrc
Size: 8KB - Virtual size: 12KB

.text
Size: 16KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 132KB - Virtual size: 129KB