9b18e223056f89fd52551f88499ede5be984b82509700ff31577245c1630706b

Sharing

Copy URL

Twitter E-mail

General

Target

9b18e223056f89fd52551f88499ede5be984b82509700ff31577245c1630706b
Size

2.8MB
MD5

33a2c71c9de8b9fdb3c35708c8751c13
SHA1

061f8f20ef3ffb098c9c6c99ce6ced5519444772
SHA256

9b18e223056f89fd52551f88499ede5be984b82509700ff31577245c1630706b
SHA512

49eab0a8e9af8303c4ec5dfdd943442960a67ff812f76d9a1375c3b12dee64439f447fb24ee7e4b98449a38bc7fd041b7af541bfc6a991751b585de4c65dd0db
SSDEEP

49152:L7kN1qixEfDcC85mPEWimAvwIMtAUqWtwZwj97slEZQ/6s:+92rcCYmcWiFw5AUqWtwgE/6s

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b18e223056f89fd52551f88499ede5be984b82509700ff31577245c1630706b

Files

9b18e223056f89fd52551f88499ede5be984b82509700ff31577245c1630706b
.dll windows:4 windows x86 arch:x86

9574053de954aa4f3ac3b6efdccc805f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc80

ord1671

msvcr80

_amsg_exit

kernel32

AddVectoredExceptionHandler

user32

SetForegroundWindow

gdi32

SetTextColor

advapi32

LookupPrivilegeValueA

shlwapi

PathFileExistsA

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

ws2_32

gethostname

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

shell32

SHGetFolderPathW

Exports

Exports

AutoJIN
HotJIN
HotJUN

Sections

.text
Size: 244KB - Virtual size: 720KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 40KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPXdata
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.UPXdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9574053de954aa4f3ac3b6efdccc805f

Headers

File Characteristics

Imports

mfc80

msvcr80

kernel32

user32

gdi32

advapi32

shlwapi

msvcp80

ws2_32

msvcrt

iphlpapi

psapi

shell32

Exports

Exports

Sections

.text Size: 244KB - Virtual size: 720KB

.rdata Size: 84KB - Virtual size: 84KB

.data Size: 40KB - Virtual size: 148KB

.rsrc Size: 12KB - Virtual size: 32KB

.reloc Size: - Virtual size: 92KB

.UPXdata Size: 2.4MB - Virtual size: 2.4MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.UPXdata Size: 4KB - Virtual size: 4KB

.text
Size: 244KB - Virtual size: 720KB

.rdata
Size: 84KB - Virtual size: 84KB

.data
Size: 40KB - Virtual size: 148KB

.rsrc
Size: 12KB - Virtual size: 32KB

.reloc
Size: - Virtual size: 92KB

.UPXdata
Size: 2.4MB - Virtual size: 2.4MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB

.UPXdata
Size: 4KB - Virtual size: 4KB