451d86576420a5c67d1b47c01d7567f7

Sharing

Copy URL Twitter E-mail

General

Target

451d86576420a5c67d1b47c01d7567f7
Size

659KB
MD5

451d86576420a5c67d1b47c01d7567f7
SHA1

b02269980a5de29100757ea722b65b72fa20b69d
SHA256

0e942989d312824e11e744cb649d404914cd634f2366a2a3b19f8fb4ee03cb91
SHA512

fc17ee7e4799c02ab0d92083a772b481aa6f4622f501b06ad038022a3286a54302afb7c27191e7a61e6827e85776ec8bd0a1d7af44c7744abfd1f5e2093f7970
SSDEEP

12288:NSrIBUdK/Am6ts0f8WUG0YfvpD6sP8EdbF7afOcjYlrA9d1OxyDD8oZMrkI+:NDBUdK/OvhLXpD6sEqB7ZcurA9d1tLs6

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
451d86576420a5c67d1b47c01d7567f7

Files

451d86576420a5c67d1b47c01d7567f7
.exe windows:4 windows x86 arch:x86

e62c6f956025f31f1e28a2e15fdc813e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetThreadLocale
GetModuleHandleA
LoadLibraryA
VirtualAlloc
GetModuleFileNameA
ExitProcess

user32

GetKeyboardType
MessageBoxA

advapi32

RegCloseKey

oleaut32

SysReAllocStringLen

kernel32.dll

GetLastError

Sections

CODE
Size: - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX0
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 564KB - Virtual size: 563KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX1
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

.UPX2
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e62c6f956025f31f1e28a2e15fdc813e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

kernel32.dll

Sections

CODE Size: - Virtual size: 19KB

DATA Size: - Virtual size: 264B

BSS Size: - Virtual size: 2KB

.idata Size: - Virtual size: 1KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.UPX0 Size: - Virtual size: 1KB

.rsrc Size: 564KB - Virtual size: 563KB

.UPX1 Size: - Virtual size: 52KB

.UPX2 Size: 93KB - Virtual size: 92KB

.reloc Size: 512B - Virtual size: 148B

CODE
Size: - Virtual size: 19KB

DATA
Size: - Virtual size: 264B

BSS
Size: - Virtual size: 2KB

.idata
Size: - Virtual size: 1KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.UPX0
Size: - Virtual size: 1KB

.rsrc
Size: 564KB - Virtual size: 563KB

.UPX1
Size: - Virtual size: 52KB

.UPX2
Size: 93KB - Virtual size: 92KB

.reloc
Size: 512B - Virtual size: 148B