9bd9df5c24c8c16efe7104e430ed1188

Sharing

Copy URL

Twitter E-mail

General

Target

9bd9df5c24c8c16efe7104e430ed1188
Size

660KB
MD5

9bd9df5c24c8c16efe7104e430ed1188
SHA1

7583a8dac44551dcf1df63a19d3c9ea5058f38ec
SHA256

51a0e30510f8d11e1a03acd917b6602c039834c365becc28ef2de24d6fff0049
SHA512

b8a2e3fa5504541ec5b7b12ebcb82bcfd11919c8ce360043dcd59a7f3d9f2bd2bd6c89f73db7d1393ff4a689e98fa4160ff40db08c0fafc59b441348d78ab3a1
SSDEEP

12288:AQarKSvCNvmY4D6HZg0w+OJfYzNFoEiwpsjBUD268QYPhu6YRt8BYacqFi:AQarKS6Be65q+OJfSi/wpBYQUs8Bfi

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9bd9df5c24c8c16efe7104e430ed1188

Files

9bd9df5c24c8c16efe7104e430ed1188
.exe windows:4 windows x86 arch:x86

9a30c5cf940e19a93e76ae2d1a973d47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetModuleHandleA
LoadLibraryA
VirtualAlloc
GetModuleFileNameA
ExitProcess

user32

DispatchMessageA
MessageBoxA

advapi32

RegOpenKeyExA

oleaut32

SysFreeString

kernel32.dll.

GetTickCount

Sections

CODE
Size: - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX0
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 573KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX1
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

.UPX2
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a30c5cf940e19a93e76ae2d1a973d47

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

kernel32.dll.

Sections

CODE Size: - Virtual size: 19KB

DATA Size: - Virtual size: 264B

BSS Size: - Virtual size: 2KB

.idata Size: - Virtual size: 1KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.UPX0 Size: - Virtual size: 1KB

.rsrc Size: 573KB - Virtual size: 572KB

.UPX1 Size: - Virtual size: 44KB

.UPX2 Size: 85KB - Virtual size: 85KB

.reloc Size: 512B - Virtual size: 172B

CODE
Size: - Virtual size: 19KB

DATA
Size: - Virtual size: 264B

BSS
Size: - Virtual size: 2KB

.idata
Size: - Virtual size: 1KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.UPX0
Size: - Virtual size: 1KB

.rsrc
Size: 573KB - Virtual size: 572KB

.UPX1
Size: - Virtual size: 44KB

.UPX2
Size: 85KB - Virtual size: 85KB

.reloc
Size: 512B - Virtual size: 172B