37f4f66a328c9136e634afe13380c304

Sharing

Copy URL Twitter E-mail

General

Target

37f4f66a328c9136e634afe13380c304
Size

228KB
MD5

37f4f66a328c9136e634afe13380c304
SHA1

abe1fe643ad69358e0e79a5af7d477fa9703eb5f
SHA256

fe0dff3b6d075fa046c2648d75a96d4d85a727bb2048f26197491369eb94e3f3
SHA512

f196ada43f3ab689ce240473e00ebf837cde8e4b8e30889ea7b516fc684f1620f6751bf6334c7c19462cfbcc320e8765fa5ab194949a1bbd077e6f64f0de633c
SSDEEP

3072:TtS9lth3Jz5QFxhsNIamNT2JkZosc2Lo+3XNgPJyyO1jc2nN0x:Ttu3JS5xG/in

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37f4f66a328c9136e634afe13380c304

Files

37f4f66a328c9136e634afe13380c304
.exe windows:4 windows x86 arch:x86

43653daf5274e9c538d8e7f7d4331f2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
IsBadWritePtr
GetVersion
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
MoveFileA
DeleteFileA
RtlUnwind
SetEnvironmentVariableA
CreateDirectoryA
HeapFree
HeapAlloc
HeapCompact
TerminateProcess
ExitProcess
GetFileAttributesA
SetFileAttributesA
GetVersionExA
GetModuleFileNameA
GetDriveTypeA
GetCurrentProcess
MoveFileExA
FormatMessageA
SetFileTime
WritePrivateProfileStringA
OpenFile
SetErrorMode
GetLocalTime
GetFullPathNameA
FindFirstFileA
FindClose
MultiByteToWideChar
WideCharToMultiByte
GetTempPathA
GetShortPathNameA
GetExitCodeProcess
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateProcessA
lstrcatA
lstrlenA
WinExec
LoadLibraryA
GetProcAddress
FreeLibrary
GetDiskFreeSpaceA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CloseHandle
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetLastError
GetWindowsDirectoryA
HeapReAlloc
GetSystemDirectoryA

advapi32

RegDeleteValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
RegOpenKeyA
RegSetValueExA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA

comctl32

ord17

gdi32

DeleteDC
GetDeviceCaps
GetSystemPaletteEntries
CreatePalette
SetBkColor
DeleteObject
CreateFontIndirectA
RemoveFontResourceA
GetStockObject
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
RealizePalette
SelectPalette
CreateHalftonePalette
CreateDIBPatternBrush
CreateSolidBrush
SetBrushOrgEx
SetStretchBltMode
StretchDIBits
SetTextColor
ExtTextOutA
AddFontResourceA
SetBkMode

ole32

OleInitialize
CoCreateInstance
CoGetMalloc
OleUninitialize

shell32

SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA

user32

DialogBoxParamA
ExitWindowsEx
IsIconic
PostQuitMessage
BringWindowToTop
AdjustWindowRectEx
PostMessageA
EndDialog
IsDlgButtonChecked
CheckDlgButton
GetLastActivePopup
FindWindowA
RegisterClassA
LoadCursorA
DefWindowProcA
GetWindow
SendMessageA
GetSysColor
ScreenToClient
GetWindowRect
GetDlgItem
EndPaint
BeginPaint
GetClientRect
FillRect
SetTimer
GetDlgItemTextA
SendDlgItemMessageA
CheckRadioButton
SetFocus
GetParent
UpdateWindow
IsWindowVisible
InvalidateRect
CreateDialogParamA
RedrawWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
SetDlgItemTextA
SetWindowTextA
SetWindowPos
ShowWindow
DestroyWindow
CreateWindowExA
GetWindowLongA
IsWindowEnabled
EnableWindow
CallWindowProcA
ValidateRect
SetWindowLongA
GetClassNameA
MessageBoxA
PeekMessageA
wsprintfA
GetSystemMetrics
DrawTextA
LoadIconA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerFindFileA

Sections

UPX0
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

43653daf5274e9c538d8e7f7d4331f2e

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

gdi32

ole32

shell32

user32

version

Sections

UPX0 Size: 88KB - Virtual size: 88KB

UPX1 Size: 56KB - Virtual size: 56KB

.rsrc Size: 80KB - Virtual size: 80KB

UPX0
Size: 88KB - Virtual size: 88KB

UPX1
Size: 56KB - Virtual size: 56KB

.rsrc
Size: 80KB - Virtual size: 80KB