647b452dcabd1120b8fbf6b118276f463b3d53cb25c73c25ee8d85a19afe7197

General

Target

647b452dcabd1120b8fbf6b118276f463b3d53cb25c73c25ee8d85a19afe7197
Size

6.3MB
MD5

65afcd639442e437de41c43ff87acacf
SHA1

71ec06acccf32526f7309b8d9bde5e8917ae1636
SHA256

647b452dcabd1120b8fbf6b118276f463b3d53cb25c73c25ee8d85a19afe7197
SHA512

6a85000df6a2d3933f49c4b36698d9f706d06df99c0029409e71a4651b9a028c3ad19e729431979648f1e77e7821e8e9ffed91d5b8285cb7b5a7c32f9dd52840
SSDEEP

98304:aKVPGkgsnCaLhrCDoE1rxYMFJBAUZLAY:fFgodCDoEDYMFJVZ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
647b452dcabd1120b8fbf6b118276f463b3d53cb25c73c25ee8d85a19afe7197

Files

647b452dcabd1120b8fbf6b118276f463b3d53cb25c73c25ee8d85a19afe7197
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

API_��ר�濨��
CloseSetWindows
Enable
EventDeviceCallback
EventFrieneVerify
EventGroupChat
EventGroupChatSendMsg
EventGroupEstablish
EventGroupMemberAdd
EventGroupMemberDecrease
EventGroupNameChange
EventGroupRevokeMsg
EventInvitedInGroup
EventPrivateChat
EventQRcodePayment
GetOlineUserTotal
Information
Initialization
Login
SdkVersion
SetTkVersionCard
Settings
Start
StopUsing
Uninstall
��_ȡ��汾��
��_ȡ��汾��_��
��_ȡ��
��_ȡ��ƥ��汾��
��_�߳�ȫ��ر�
��_�߳�ע��
��SOP��_ˢ��
��_ȡ��״̬_��վ
��_ȡ��״̬_�Ƿ񸶷�_��Ƴ��
��ŵ�_��
ˢ��_��ʱ��б�
ˢ��_��ŵ�_�ŵ��Ⱥӳ��
ˢ��_��ŵ��

Sections

UPX0
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 134KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: 4.2MB - Virtual size: 4.2MB

UPX1 Size: 2.0MB - Virtual size: 2.0MB

.rsrc Size: 9KB - Virtual size: 12KB

.imports Size: 10KB - Virtual size: 12KB

.reloc Size: 134KB - Virtual size: 136KB

UPX0
Size: 4.2MB - Virtual size: 4.2MB

UPX1
Size: 2.0MB - Virtual size: 2.0MB

.rsrc
Size: 9KB - Virtual size: 12KB

.imports
Size: 10KB - Virtual size: 12KB

.reloc
Size: 134KB - Virtual size: 136KB