96d5236f2afca766e16718da02a4a78bc10628b4dfc0ad07b42f20ec5744fbc3

General

Target

96d5236f2afca766e16718da02a4a78bc10628b4dfc0ad07b42f20ec5744fbc3
Size

464KB
MD5

924c88ad05c8df52c65ae9c1decdccb4
SHA1

8346b325dd24a74a1cb7c2e83da0fc1f81d393e1
SHA256

96d5236f2afca766e16718da02a4a78bc10628b4dfc0ad07b42f20ec5744fbc3
SHA512

8bec6f2749e328c5d8094d046c054c78f9985adfea9e700a8ceb053a081bb8a62605b94bf84e43bc16fc96ff1078e3f2790ffaabdd7c0155b16cbeb0840cdc28
SSDEEP

6144:bbyLEbWaR5Cc9+VOcoPp2C/vz9uwYswNXmBd4LcHkz:bbUaWaR5vSVAp2qMwY/Wd4LY

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96d5236f2afca766e16718da02a4a78bc10628b4dfc0ad07b42f20ec5744fbc3

Files

96d5236f2afca766e16718da02a4a78bc10628b4dfc0ad07b42f20ec5744fbc3
.exe windows:4 windows x86 arch:x86

032ac126bef9dc99c70a99a6b91b16f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
FreeLibrary
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
WriteFile
IsBadWritePtr
IsBadReadPtr
HeapValidate
HeapAlloc
HeapReAlloc
DebugBreak
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
SetStdHandle
FlushFileBuffers
CloseHandle

Sections

UPX0
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

032ac126bef9dc99c70a99a6b91b16f2

Headers

File Characteristics

Imports

kernel32

Sections

UPX0 Size: 212KB - Virtual size: 212KB

UPX1 Size: 176KB - Virtual size: 176KB

UPX2 Size: 72KB - Virtual size: 72KB

UPX0
Size: 212KB - Virtual size: 212KB

UPX1
Size: 176KB - Virtual size: 176KB

UPX2
Size: 72KB - Virtual size: 72KB