77895655056200c40327483d92d69973

Sharing

Copy URL Twitter E-mail

General

Target

77895655056200c40327483d92d69973
Size

313KB
MD5

77895655056200c40327483d92d69973
SHA1

dbee10dee9335ffd001cddbe1ca267ffd2b53ae2
SHA256

fad80ffe08b6ee0fe21968e872ec0e487a9f0171aa5be4b461c91e276f7f2c42
SHA512

e6618e058962633f5849f38a912bb3e5e6d0ce7ef7eaf3af3d2507d95cad7ecd5bbacb06d34b57e30a5d2ea552881e5eea51673895db52266bd4fe16f69064f8
SSDEEP

3072:mN4H2acCqvFwgLZ7wCQwjepPKpw4RFAkuzXj+EcoIom5iw8TGWuK+5yPaqZPpNX2:mWHJGvb7wCypS7jszXj+H5iw61PPpYx

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77895655056200c40327483d92d69973

Files

77895655056200c40327483d92d69973
.exe windows:5 windows x86 arch:x86

d5bb91186d9ec937f361cf5ce247c6a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FoldStringW
GetTimeFormatW
GetDateFormatW
GetLocalTime
GetUserDefaultLCID
WideCharToMultiByte
SetLastError
SetEndOfFile
DeleteFileW
GetACP
UnmapViewOfFile
LocalReAlloc
MultiByteToWideChar
MapViewOfFile
CreateFileMappingW
GetFileInformationByHandle
FormatMessageW
GetUserDefaultLangID
LocalSize
lstrcmpiW
GlobalUnlock
GlobalLock
IsDBCSLeadByte
GetCPInfo
LocalLock
CompareStringA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
EnterCriticalSection
CompareStringW
LeaveCriticalSection
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
ExitProcess
GetTimeZoneInformation
GetStringTypeW
IsValidCodePage
GetOEMCP
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
HeapFree
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
VirtualQuery
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
ExpandEnvironmentStringsA
LocalUnlock
lstrlenW
LocalAlloc
lstrcmpW
FindFirstFileW
FindClose
GetLastError
lstrcatW
GetCommandLineW
LocalFree
lstrcpyW
CreateFileW
lstrcpynW
MulDiv
GetLocaleInfoW
TerminateProcess
GlobalFree
Sleep
GetVersionExA
VirtualFree
VirtualAlloc
SetEnvironmentVariableA
GetTempPathA
GetTempFileNameA
CreateFileA
WriteFile
CloseHandle
LoadLibraryA
CreateProcessA
WaitForSingleObject
lstrcpyA
lstrcatA
GetCurrentThreadId
FindAtomA
GetProcAddress
lstrlenA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExW
IsTextUnicode
RegCreateKeyW
RegCloseKey
RegQueryValueExW

comdlg32

GetFileTitleW
GetOpenFileNameW
GetSaveFileNameW
ReplaceTextW
FindTextW
PageSetupDlgW
CommDlgExtendedError
ChooseFontW
PrintDlgExW

gdi32

StartPage
StartDocW
SetAbortProc
CreateFontIndirectW
EndDoc
EndPage
TextOutW
SetBkMode
LPtoDP
SetWindowExtEx
SetViewportExtEx
SetMapMode
CreateDCW
GetTextExtentPoint32W
SelectObject
GetTextFaceW
EnumFontsW
GetStockObject
GetObjectW
DeleteObject
GetBkMode
GetTextMetricsW
GetBkColor
GetDeviceCaps
DeleteDC

shell32

DragFinish
DragAcceptFiles
DragQueryFileW
ShellAboutW

user32

GetWindowTextW
EnableWindow
CreateDialogParamW
DrawTextExW
PeekMessageW
CharLowerW
LoadImageW
RegisterClassExW
RegisterWindowMessageW
LoadCursorW
CreateWindowExW
SetWindowPlacement
GetClientRect
ShowWindow
CharUpperW
GetSystemMenu
LoadAcceleratorsW
LoadStringW
GetWindowPlacement
SetScrollPos
UpdateWindow
GetWindowLongW
SetDlgItemTextW
ClientToScreen
IsWindowVisible
GetWindowRect
GetFocus
InflateRect
GetDlgItemTextW
EndDialog
wsprintfW
GetMenuState
OpenClipboard
IsClipboardFormatAvailable
CloseClipboard
CheckMenuItem
SetWindowTextW
GetSystemMetrics
GetMessageW
IsDialogMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
CharNextW
DefWindowProcW
IsIconic
PostQuitMessage
DestroyWindow
MessageBeep
GetForegroundWindow
GetKeyboardLayout
SetActiveWindow
PostMessageW
GetMenu
SendMessageW
GetSubMenu
EnableMenuItem
SetFocus
DialogBoxParamW
LoadIconW
GetDesktopWindow
MessageBoxW
GetDC
ReleaseDC
SetCursor
SendDlgItemMessageW
GetDlgCtrlID
WinHelpW
ScreenToClient
ChildWindowFromPoint
InvalidateRect
MoveWindow
wsprintfA
EqualRect
GetCursorPos
SetWindowLongW

winspool.drv

OpenPrinterW
GetPrinterDriverW
ClosePrinter

Sections

UPX0
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d5bb91186d9ec937f361cf5ce247c6a5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

comdlg32

gdi32

shell32

user32

winspool.drv

Sections

UPX0 Size: 309KB - Virtual size: 309KB

UPX0
Size: 309KB - Virtual size: 309KB