7cbf750946c9d4763cb429935a5447d6

Sharing

Copy URL Twitter E-mail

General

Target

7cbf750946c9d4763cb429935a5447d6
Size

76KB
MD5

7cbf750946c9d4763cb429935a5447d6
SHA1

8b0a4ebf9d364de30e28a9010ca29183c21d7aa6
SHA256

04bcdc5cb3bd49c4770ad1224c9a498b0ddc23efee122b44eef875945a63c5f7
SHA512

398d983b3f73993b750d6ee16f82eb0f9961f84434567c2b6e7078d0f67f41890d403b01e5bfec05ba6fa852698d5001cc706582ae70dfd795efbc23e805b072
SSDEEP

768:Ke43o8gPaO2aTjOhdpK6qSTFDl6yg//46rtSU5rzRIy:HP8gPakKXTFDEjvBjdRIy

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7cbf750946c9d4763cb429935a5447d6

Files

7cbf750946c9d4763cb429935a5447d6
.dll windows:4 windows x86 arch:x86

490c86724c7ee11eeaf6303837b7459c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FlushFileBuffers
GetConsoleMode
WriteConsoleA
SetStdHandle
SetFilePointer
GetConsoleOutputCP
WriteConsoleW
GetConsoleCP
ExitProcess
Sleep
FreeLibrary
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
CreateFileA
ReadFile
GetLastError
CloseHandle
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
VirtualAlloc
WriteFile
InitializeCriticalSection
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

shlwapi

wvnsprintfA
StrToIntA

urlmon

URLDownloadToFileA

user32

TranslateMessage
DispatchMessageA
SetTimer
GetMessageA
wsprintfA

wininet

InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetReadFile
HttpQueryInfoA

Exports

Exports

n

Sections

UPX0
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

490c86724c7ee11eeaf6303837b7459c

Headers

File Characteristics

Imports

kernel32

advapi32

shlwapi

urlmon

user32

wininet

Exports

Exports

Sections

UPX0 Size: 72KB - Virtual size: 72KB

.rsrc Size: 1024B - Virtual size: 4KB

.avc Size: 2KB - Virtual size: 4KB

UPX0
Size: 72KB - Virtual size: 72KB

.rsrc
Size: 1024B - Virtual size: 4KB

.avc
Size: 2KB - Virtual size: 4KB