5860084066dfb0a9388c7f25b2516416

Sharing

Copy URL Twitter E-mail

General

Target

5860084066dfb0a9388c7f25b2516416
Size

96KB
MD5

5860084066dfb0a9388c7f25b2516416
SHA1

c87490cb8eb698faff78e9bd672fe82b0260a836
SHA256

2b74e106cb2cd267b71508cae329c477de61839ba1e9d6efd420b86bad805071
SHA512

89c052c882e73b4c5c7bbd29c302baf791246e7f309ce1d8bdb4d038587d08c5c889d692dfe79fbeb8c3973c8340f114d64c139dca5236239b1504cb28eec7bc
SSDEEP

1536:crnMw2bQz8TaxFXpOxdO8+0Ga3TBdnnDf:crnMw2bQwTaxFZOjDBBnr

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5860084066dfb0a9388c7f25b2516416

Files

5860084066dfb0a9388c7f25b2516416
.exe windows:4 windows x86 arch:x86

96b4e3a431bd01bf50b1c8da8a2bab28

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
RtlUnwind
InitializeCriticalSection
LoadLibraryA
FlushFileBuffers
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetConsoleMode
GetConsoleCP
HeapSize
HeapReAlloc
CompareStringA
CompareStringW
SetEnvironmentVariableA
RaiseException
WriteFile
TerminateThread
Sleep
SetThreadPriority
GetExitCodeThread
CloseHandle
CreateThread
ExitProcess
SetFilePointer
ExpandEnvironmentStringsA
ReadFile
GetLastError
GetModuleFileNameA
CreateMutexA
CreateFileA
GetCommandLineA
CreateProcessA
CopyFileA
DeleteFileA
GetSystemTimeAsFileTime
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
GetTimeZoneInformation
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc

advapi32

RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

user32

DestroyWindow
GetMessageA
SetTimer
RegisterClassExA
PostQuitMessage
KillTimer
TranslateMessage
SetWindowLongA
GetWindowLongA
CreateWindowExA
DefWindowProcA
DispatchMessageA
LoadCursorA
PostMessageA

ws2_32

Sections

UPX0
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

96b4e3a431bd01bf50b1c8da8a2bab28

Headers

File Characteristics

Imports

kernel32

advapi32

user32

ws2_32

Sections

UPX0 Size: 92KB - Virtual size: 92KB

.rsrc Size: 1024B - Virtual size: 4KB

.avc Size: 2KB - Virtual size: 4KB

UPX0
Size: 92KB - Virtual size: 92KB

.rsrc
Size: 1024B - Virtual size: 4KB

.avc
Size: 2KB - Virtual size: 4KB