95856409c02e38fdf435bc57e2be26e9915cd80d486ac05aa9c13a1261f1fe6c

General

Target

95856409c02e38fdf435bc57e2be26e9915cd80d486ac05aa9c13a1261f1fe6c
Size

1.7MB
MD5

4ba9fb4cbf3c176441c8fa97fc8db1b6
SHA1

0f1e080b79ba3625db4f4b6a64fe51f87bcec253
SHA256

95856409c02e38fdf435bc57e2be26e9915cd80d486ac05aa9c13a1261f1fe6c
SHA512

8b55fb2abb8ed67b42ee4fff1f92b0d8952ea0531c17468ed2566d921f1753c3863b294ded037b3e53f4aa1ced94436e825ee1e7480aeac55f509d8de98ddd56
SSDEEP

24576:A+QeBHGw6/gsLdr+axFsTqpIoR+BK9IVeNJzDZ3kK8PntjznpkycPdrRUkNaNEPx:Az/F+rTqpseNJzDZ3kK8l3nOyMtP9z

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95856409c02e38fdf435bc57e2be26e9915cd80d486ac05aa9c13a1261f1fe6c

Files

95856409c02e38fdf435bc57e2be26e9915cd80d486ac05aa9c13a1261f1fe6c
.exe windows:4 windows x86 arch:x86

49d2dcb48920e5a676a4a7fc8883fb2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

htonl

kernel32

GetVersion

user32

GetMenu

gdi32

ExtSelectClipRgn

winspool.drv

DocumentPropertiesA

advapi32

RegOpenKeyExA

shell32

ShellExecuteA

ole32

StgCreateDocfileOnILockBytes

oleaut32

VariantChangeType

comctl32

ImageList_Add

oledlg

ord8

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 508KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UPX
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

UPX
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49d2dcb48920e5a676a4a7fc8883fb2e

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

comdlg32

msvcrt

iphlpapi

psapi

Sections

.text Size: 508KB - Virtual size: 1.2MB

UPX Size: 1.2MB - Virtual size: 1.2MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 20KB - Virtual size: 20KB

UPX Size: 4KB - Virtual size: 4KB

.text
Size: 508KB - Virtual size: 1.2MB

UPX
Size: 1.2MB - Virtual size: 1.2MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 20KB - Virtual size: 20KB

UPX
Size: 4KB - Virtual size: 4KB