dfd5a300f942d50bf85c31289bd11538

Sharing

Copy URL

Twitter E-mail

General

Target

dfd5a300f942d50bf85c31289bd11538
Size

100KB
MD5

dfd5a300f942d50bf85c31289bd11538
SHA1

1d0d330f2fad990922ae34236fb7767730a98f06
SHA256

2e61abd663a7e5831ef7f39440edc4fbf61aff50516d939490624cc94736a41c
SHA512

5f181d5201e9737426314cc89d52077e9a71f4e84830402dbb3e77cc0e78c70932d9348caa891b9e860273e365f403cbf3d79f9dde4a7b586c9050ba86ca8bea
SSDEEP

3072:h+eNQ83XU5fgDVjL6pnSKxY8Rwypg4u0Yw:Vq8U5fgp6F368Kypdt

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/ECC.5.3/ECC.5.3.exe	upx

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ECC.5.3/ECC.5.3.dll
unpack001/ECC.5.3/ECC.5.3.exe
unpack002/out.upx

Files

dfd5a300f942d50bf85c31289bd11538
.rar
ECC.5.3/ECC.5.3.dll
.dll windows:4 windows x86 arch:x86

91a5dced9dd1666acecd30830de29f5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

opengl32

glLoadIdentity
glEnd
glViewport
glClearColor
glClear
glTexEnvi
glGetFloatv
glColor4f
glPushMatrix
glVertex2f
glDisable
glEnable
glBlendFunc
glColor4ub
glBegin
glPopMatrix

kernel32

EnterCriticalSection
CreateFileA
FlushInstructionCache
InterlockedIncrement
InterlockedDecrement
GetLocaleInfoW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
VirtualProtect
GetProcAddress
GetModuleHandleA
IsBadReadPtr
CloseHandle
CreateToolhelp32Snapshot
VirtualAlloc
FindFirstFileA
LoadLibraryA
FreeLibrary
GetPrivateProfileStringA
Module32Next
Module32First
GetModuleFileNameA
GetUserDefaultLCID
RaiseException
RtlUnwind
HeapFree
GetCurrentThreadId
GetCommandLineA
GetVersionExA
HeapAlloc
SetUnhandledExceptionFilter
TlsAlloc
SetLastError
GetLastError
TlsFree
TlsSetValue
TlsGetValue
DeleteCriticalSection
LeaveCriticalSection
SetEndOfFile
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
WriteFile
FlushFileBuffers
SetFilePointer
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
InterlockedExchange
VirtualQuery
SetStdHandle
ReadFile
GetLocaleInfoA
GetSystemInfo
GetStringTypeA
GetStringTypeW

user32

GetAsyncKeyState

Exports

Exports

CreateInterface

Sections

.text
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ECC.5.3/ECC.5.3.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ECC.5.3/ECC.5.3.ini
ECC.5.3/init.ini

Sharing

General

Malware Config

Signatures

Files

91a5dced9dd1666acecd30830de29f5c

Headers

File Characteristics

Imports

winmm

opengl32

kernel32

user32

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 154KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 12KB - Virtual size: 172KB

.reloc Size: 16KB - Virtual size: 14KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 28KB

UPX1 Size: 4KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 156KB - Virtual size: 154KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 12KB - Virtual size: 172KB

.reloc
Size: 16KB - Virtual size: 14KB

UPX0
Size: - Virtual size: 28KB

UPX1
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 8KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 8KB - Virtual size: 5KB