48719ae4b19c23e428eba75aaf904b2e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48719ae4b19c23e428eba75aaf904b2e
Size

118KB
MD5

48719ae4b19c23e428eba75aaf904b2e
SHA1

c9fbdd4c3c3604e4df2115515e231ebb18e8c39b
SHA256

a7b668d9400205e5544b8671098748101ae05fc31e23ba80e4cc3b7527c3be52
SHA512

2eac67fc151f7c0496985ae077f2ccfd30b939fbd3941f5f70fd28ff219b34843752b88d90b7aea2498ff0a49896810678e1e19547faa0173a0dc15b3e93a721
SSDEEP

1536:HI2BnFz85ycKcSjeHKvQknl4dd+axRLowTl:o2X85t6eqvbl4dsax1ou

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48719ae4b19c23e428eba75aaf904b2e

Files

48719ae4b19c23e428eba75aaf904b2e
.exe windows:4 windows x86 arch:x86

beacb9bbb96e0dd52ade708e7f189d46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CreateMutexA
GetLastError
GetVersionExA
GetSystemDirectoryA
lstrcpyA
lstrcatA
CreateDirectoryA
CreateFileA
CloseHandle
DeleteFileA
FindFirstFileA
lstrlenA
WritePrivateProfileStringA
GetPrivateProfileStringA
Sleep
WaitForSingleObject
CreateProcessA
GetStartupInfoA
WriteFile
ReleaseMutex
FindClose
FindNextFileA

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
??3@YAXPAX@Z
??2@YAPAXI@Z
atoi
_XcptFilter
_exit
strstr

user32

CharLowerA
wsprintfA

Sections

UPX0
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE