9d3fc73e2ffdcf37b8ee1a3e7c74cecc5d9902e95f0218f4bc08784de44924e4

General

Target

9d3fc73e2ffdcf37b8ee1a3e7c74cecc5d9902e95f0218f4bc08784de44924e4
Size

151KB
MD5

62aa5a6ffaa2bacc524e96d156cf1e45
SHA1

75d5f346b70e2ef8bd633d2eda1df8bde1bd3f60
SHA256

9d3fc73e2ffdcf37b8ee1a3e7c74cecc5d9902e95f0218f4bc08784de44924e4
SHA512

d25d63394bc01a2f5e8f9c23ae99b95d1939069ea5566abed828b9efc0b1335f292eca830a6c5ee4d77cc0aa6c5488d633a0ce2828db56c1702cd8fe21ef76c2
SSDEEP

1536:DwCd+qitb0bt+FTCQ2X9EvHsdX6u1x20n2eN6BRMk:Dv4b0hJ9EE16u1x2q2eYRn

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9d3fc73e2ffdcf37b8ee1a3e7c74cecc5d9902e95f0218f4bc08784de44924e4

Files

9d3fc73e2ffdcf37b8ee1a3e7c74cecc5d9902e95f0218f4bc08784de44924e4
.exe windows:5 windows x86 arch:x86

83b45e356be38dee9f40ac165206f07f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
HeapAlloc
LoadLibraryA
GetModuleHandleW
HeapFree
GetVersionExA
GetStartupInfoW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
GetLastError
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeCriticalSection
Sleep
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
HeapSize
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Sections

UPX0
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

83b45e356be38dee9f40ac165206f07f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

UPX0 Size: 40KB - Virtual size: 40KB

UPX1 Size: 28KB - Virtual size: 28KB

.rsrc Size: 76KB - Virtual size: 76KB

UPX0
Size: 40KB - Virtual size: 40KB

UPX1
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 76KB - Virtual size: 76KB