efd1f25313c65cc802450582f4269140N[.]exe

General

Target

efd1f25313c65cc802450582f4269140N.exe
Size

121KB
MD5

efd1f25313c65cc802450582f4269140
SHA1

cda0e7be5306cc11c22f359c66741a2b790204d3
SHA256

91094b4370057c97c4ce3b6ab7c17ce17a3790fa0582a9052c9cff631ed3d39b
SHA512

03fdbc0a6a588586e64a3225c18f18e4ac4a3ab1b7e1c964d0930f3d98443d37674f773fedf35bb4a028e8f08b97912897182ce32aae63f89bab6a372fdf78df
SSDEEP

768:M2oGKdfzF7zUTWVX9hK2GKdJ5i0uIaOAMKl:M2oGKfzF7zUmzNGKXiFIaOIl

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efd1f25313c65cc802450582f4269140N.exe

Files

efd1f25313c65cc802450582f4269140N.exe
.exe windows:5 windows x86 arch:x86

f636ef8d4985addf9d7e4bf2a5d4d9a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
MultiByteToWideChar
lstrlen
MapViewOfFile
UnmapViewOfFile
lstrlenA
CloseHandle
GetModuleHandleA
GetProcAddress
CreateDirectoryA

msvcrt

_exit
_controlfp
_XcptFilter
exit
__p__acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

ole32

CoInitialize
CoUninitialize
CoCreateInstanceEx

oleaut32

SysAllocStringLen
SysFreeString

user32

ModifyMenuA
RemoveMenu
EndDialog
SetWindowTextA
SetScrollInfo
CheckMenuItem
ReleaseDC
GetDC
MoveWindow
GetClientRect
EnableMenuItem
GetMenuItemID
DeferWindowPos
EndDeferWindowPos
TranslateAcceleratorA
SetMenuItemInfoA
LoadStringA
InsertMenuItemA
GetPropA
RemovePropA
SetPropA
ScrollWindow
CreateCursor
DestroyCursor
GetSubMenu
BeginDeferWindowPos
DestroyAcceleratorTable
ShowCursor
RegisterWindowMessageA
AppendMenuA
DragDetect
GetCapture
CreateDialogIndirectParamA
ReleaseCapture
FindWindowA
CreateAcceleratorTableA
CharUpperA
DrawTextExA
DialogBoxParamA
DrawEdge

Sections

UPX0
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f636ef8d4985addf9d7e4bf2a5d4d9a6

Headers

File Characteristics

Imports

kernel32

msvcrt

ole32

oleaut32

user32

Sections

UPX0 Size: 28KB - Virtual size: 28KB

UPX1 Size: 8KB - Virtual size: 8KB

.rsrc Size: 80KB - Virtual size: 80KB

UPX0
Size: 28KB - Virtual size: 28KB

UPX1
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 80KB - Virtual size: 80KB