8db229897d8b05a8fe9be7785f00a7716bc1d9fd3a8efa1c168009495ed7f2d8

Sharing

Copy URL Twitter E-mail

General

Target

8db229897d8b05a8fe9be7785f00a7716bc1d9fd3a8efa1c168009495ed7f2d8
Size

408KB
MD5

41b6d810d33a8d4b8f436c2c02631c4a
SHA1

779dba21a1550375c42901851aeb39232da1fd8f
SHA256

8db229897d8b05a8fe9be7785f00a7716bc1d9fd3a8efa1c168009495ed7f2d8
SHA512

e9da689b1f4438fb0a0ba0a41d55a7f17c6221ea021682bb99d86f867753a7e8e6c6aaa42455a050b3bf6cbe0c426a821e7944f6e90475b86d0ad88be52d3fb6
SSDEEP

3072:dfdIhcIIGt3wHgXzRpBNJ9LYLlPJmL75HgqtBOhqI8:0tRBRpBNJ90BItHbB

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8db229897d8b05a8fe9be7785f00a7716bc1d9fd3a8efa1c168009495ed7f2d8

Files

8db229897d8b05a8fe9be7785f00a7716bc1d9fd3a8efa1c168009495ed7f2d8
.exe windows:4 windows x86 arch:x86

b04e3765e4e970ad9f0f034ff2aa0a8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetACP
GetCPInfo
LoadLibraryA
GetStringTypeA
WriteFile
GetStringTypeW
GetFileType
GetStdHandle
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetVersionExA
GetEnvironmentVariableA
HeapCreate
VirtualAlloc
GetModuleFileNameA
GetProcAddress
TerminateProcess
VirtualFree
LCMapStringA
GetTickCount
LCMapStringW
GetCurrentProcess
RaiseException
ExitProcess
GetVersion
WideCharToMultiByte
GetStartupInfoA
GetModuleHandleA
GetCommandLineA
HeapAlloc
HeapReAlloc
HeapFree
lstrcatA
MultiByteToWideChar
lstrlenA
GetOEMCP
GetCurrentThreadId

user32

SetWindowLongA
SendMessageA
SetFocus
GetDlgItem
SetWindowPos
LoadImageA
GetSystemMetrics
SystemParametersInfoA
MapWindowPoints
GetClientRect
GetParent
GetWindowRect
GetWindow
wsprintfA
GetWindowLongA
SetDlgItemTextA
EndPaint
PostQuitMessage
DestroyWindow
DispatchMessageA
LoadBitmapA
BeginPaint
DrawStateA
CallWindowProcA
InflateRect
SetRect
GetWindowTextA
GetWindowDC
FillRect
InvalidateRect
CreateDialogParamA
ReleaseDC
DefWindowProcA
GetMessageA
ShowWindow
PeekMessageA
IsDialogMessageA
TranslateMessage

gdi32

SetBkMode
RoundRect
SetWindowOrgEx
BitBlt
DeleteObject
DeleteDC
StretchBlt
SelectObject
CreateCompatibleDC
MoveToEx
LineTo
GetTextExtentPoint32A
CreateCompatibleBitmap
SetBkColor
ExtTextOutA
CreateSolidBrush
GetObjectA
GetClipBox
LPtoDP
DPtoLP
GetBkColor
CreateFontA
Rectangle
CreatePen

ole32

CoUninitialize
CoInitialize

comctl32

_TrackMouseEvent
InitCommonControlsEx

Sections

UPX0
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX3
Size: 292KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b04e3765e4e970ad9f0f034ff2aa0a8a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

comctl32

Sections

UPX0 Size: 100KB - Virtual size: 100KB

UPX1 Size: 8KB - Virtual size: 8KB

UPX2 Size: 4KB - Virtual size: 4KB

UPX3 Size: 292KB - Virtual size: 292KB

UPX0
Size: 100KB - Virtual size: 100KB

UPX1
Size: 8KB - Virtual size: 8KB

UPX2
Size: 4KB - Virtual size: 4KB

UPX3
Size: 292KB - Virtual size: 292KB