c7d7bedd015669033e16d63bb9673239

Sharing

Copy URL Twitter E-mail

General

Target

c7d7bedd015669033e16d63bb9673239
Size

283KB
MD5

c7d7bedd015669033e16d63bb9673239
SHA1

42982d0490753a32f5059690997809784463f217
SHA256

b4474f18d1765d785400ab92a185cd465f23ebe7d511afba29af7bf750224acd
SHA512

f8c2d955c8b986b6695677953b85b6565a5db8c5c45b62fa5e98774917106bcc2af65f185efdc8ff5ef36f71137f57a6afd9cc0cfc9d86108db4ff651bb9bf43
SSDEEP

6144:w6mOOTc5pZKB5QS2Z2ycYtpQgwYeVavjIFAbcdPNnFcR98pQa:w+np5S2Z27fVavjIFVtFC98pQa

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7d7bedd015669033e16d63bb9673239

Files

c7d7bedd015669033e16d63bb9673239
.exe windows:4 windows x86 arch:x86

0a0818650fe464607ddfdb79d77eddca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Borland\Bred3r\Literal\ReleaseW\Literal.pdb

Imports

kernel32

GetSystemInfo
SetErrorMode
FreeLibrary
LoadLibraryW
GetProcAddress
ExitProcess
HeapDestroy
HeapCreate
GetFullPathNameW
GetVersionExW
GetLongPathNameW
GetProcessHeap
HeapSize
RtlUnwind
RaiseException
LoadLibraryA
InterlockedExchange
LocalAlloc
GetModuleHandleW
LocalFree
GetShortPathNameW
lstrcmpiW
GetLastError
GetStartupInfoW
GetModuleFileNameW
GetTimeFormatW
FormatMessageW
GetLocaleInfoW
GetTickCount
GetDateFormatW
GetCommandLineW
GlobalFree
GlobalAlloc
GlobalUnlock
MultiByteToWideChar
lstrcmpW
MulDiv
WideCharToMultiByte
GlobalLock
SetFileAttributesW
lstrcpyW
CloseHandle
GetFileAttributesExW
SetLastError
CreateFileW
ReadFile
GetFileAttributesW
lstrcpynW
WriteFile
HeapFree
MoveFileExW
HeapAlloc
SetEndOfFile
SetFilePointer
GetFileSize
GetDriveTypeW
HeapReAlloc
VirtualQuery

user32

ShowWindow
SetWindowPos
EndDialog
PeekMessageW
AppendMenuW
InvalidateRect
CheckMenuRadioItem
TrackPopupMenuEx
EnumChildWindows
LoadIconW
RegisterClassExW
GetMenu
TranslateMessage
wsprintfW
EnumWindows
GetMenuItemInfoW
DrawEdge
CharLowerBuffW
DialogBoxParamW
DeleteMenu
SetForegroundWindow
IsZoomed
PostMessageW
LoadImageW
IsIconic
ShowWindowAsync
PostQuitMessage
GetMessageW
TranslateAcceleratorW
SetWindowPlacement
InternalGetWindowText
EnableWindow
GetDlgItem
IsWindowEnabled
DestroyMenu
CreateDialogParamW
SetParent
GetSubMenu
DrawTextW
ClientToScreen
IsRectEmpty
SetScrollInfo
SetCaretPos
ReleaseCapture
CreateCaret
GetCursorPos
DestroyCaret
ScrollWindow
UnionRect
GetScrollInfo
IntersectRect
OffsetRect
GetCapture
GetMenuItemCount
ShowCaret
GetKeyState
SetCapture
FillRect
ScreenToClient
HideCaret
GetWindowTextW
GetWindowTextLengthW
GetSystemMetrics
GetKeyboardLayoutList
SystemParametersInfoW
GetKeyboardLayout
LoadAcceleratorsW
LoadMenuIndirectW
VkKeyScanExW
FindWindowExW
GetDlgCtrlID
SetWindowTextW
GetSysColor
CharUpperBuffW
IsCharAlphaNumericW
CharUpperBuffA
EmptyClipboard
RegisterClipboardFormatW
SetClipboardData
IsCharAlphaNumericA
EndPaint
DestroyWindow
SetCursor
CloseClipboard
SetTimer
RemovePropW
GetWindowRect
IsChild
KillTimer
GetFocus
IsClipboardFormatAvailable
GetParent
LoadCursorW
GetClientRect
SetFocus
BeginPaint
SetPropW
GetDC
GetWindowLongW
GetClipboardData
ReleaseDC
SetWindowLongW
IsWindow
CreateWindowExW
OpenClipboard
SendMessageW
SetDlgItemTextW
SetMenuItemInfoW
DispatchMessageW
PtInRect
GetClassNameW
MapWindowPoints
UpdateWindow
GetPropW
DefWindowProcW
CopyRect
MoveWindow
MessageBoxW
GetWindowPlacement

gdi32

DeleteDC
StartPage
SetViewportOrgEx
EndPage
EnumFontFamiliesExW
SetBkMode
SetTextColor
SetBkColor
ExtTextOutA
CreatePen
SetPixelV
GetBkColor
LineTo
MoveToEx
GetObjectW
SetMapMode
ExtTextOutW
StartDocW
EndDoc
AbortDoc
GetTextMetricsW
CreateFontIndirectW
GetDeviceCaps
DeleteObject
GetTextColor
GetStockObject
SelectObject

advapi32

RegOpenKeyExW
RegSetValueExW
RegCloseKey
IsTextUnicode
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW

shell32

DragFinish
DragQueryFileW
ShellExecuteW
CommandLineToArgvW

comctl32

InitCommonControlsEx

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 104KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0a0818650fe464607ddfdb79d77eddca

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

Sections

.text Size: 128KB - Virtual size: 127KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 30KB - Virtual size: 30KB

.UPX0 Size: 104KB - Virtual size: 252KB

.text
Size: 128KB - Virtual size: 127KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 30KB - Virtual size: 30KB

.UPX0
Size: 104KB - Virtual size: 252KB