63ab22c5fb8c52206fa606b5782da958[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

63ab22c5fb8c52206fa606b5782da958.bin
Size

83KB
MD5

63ab22c5fb8c52206fa606b5782da958
SHA1

aa269ae6b312bd9f9458bec1f8e5ecaee16eca2b
SHA256

8e019bb7cdaf66c776d38ec87632fe3558d693ed2dd00a1c0f393b76d3f3f79e
SHA512

3e1cadf31741b873c4c3627bdf7ac32e7a511f4ccd4aef811e8716635d0caa29553157b3b1a145c967aa02841b9b371534c9edae9e0fda3edb692682a7f0ea5f
SSDEEP

384:CwBir6iN2HhTcpXH9j/fqBHPatk7EUvKmvdqFOafCvFTNLWlNcFo:rBir6iNohTcpX9rqR7ECvK5CdTxSCG

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63ab22c5fb8c52206fa606b5782da958.bin

Files

63ab22c5fb8c52206fa606b5782da958.bin
.exe windows:4 windows x86 arch:x86

739b67090117b3045dd2e17d1a03caad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
EnterCriticalSection
MultiByteToWideChar
GetModuleFileNameA
lstrcmpiA
CreateEventA
InitializeCriticalSection
lstrcatA
ReadFile
SetFilePointer
GetFileSize
CreateFileA
WinExec
lstrlenA
WaitForMultipleObjects
LeaveCriticalSection
lstrcmpA
CreateThread
Sleep
lstrcpyA
SetEvent
GetModuleHandleA
CloseHandle
ExitProcess

advapi32

RegCreateKeyExA
RegQueryValueExA
RegQueryValueA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

comctl32

gdi32

GetDeviceCaps

msvcrt

strchr
malloc
atoi
strstr
_strupr
??3@YAXPAX@Z
??2@YAPAXI@Z
_mbsstr
free

ole32

CoCreateInstance
CoInitialize

rasapi32

RasEnumEntriesA
RasGetEntryPropertiesA
RasDialA
RasGetErrorStringA
RasEnumDevicesA
RasSetEntryPropertiesA
RasHangUpA
RasEnumConnectionsA
RasGetConnectStatusA

shell32

ShellExecuteA
Shell_NotifyIconA

user32

SetMenuDefaultItem
InsertMenuA
CreatePopupMenu
GetCursorPos
GetDlgItem
SetWindowTextA
SetWindowPos
SetForegroundWindow
DefWindowProcA
ShowWindow
SendMessageA
KillTimer
EnableWindow
PostQuitMessage
TrackPopupMenu
DestroyMenu
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetSystemMetrics
LoadImageA
GetWindowRect
GetDC
ReleaseDC
RegisterClassExA
SetTimer
SetFocus
PeekMessageA
EndDialog
DefDlgProcA
LoadIconA
LoadCursorA
RegisterClassA
MessageBoxA
DialogBoxParamA
LoadAcceleratorsA
GetMessageA
GetWindowTextA

Sections

UPX0
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

739b67090117b3045dd2e17d1a03caad

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

gdi32

msvcrt

ole32

rasapi32

shell32

user32

Sections

UPX0 Size: 76KB - Virtual size: 76KB

.rsrc Size: 3KB - Virtual size: 4KB

.avc Size: 2KB - Virtual size: 4KB

UPX0
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 3KB - Virtual size: 4KB

.avc
Size: 2KB - Virtual size: 4KB