b7420bbcbdc752714b1bc36ff78a6580N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

b7420bbcbdc752714b1bc36ff78a6580N.exe
Size

438KB
MD5

b7420bbcbdc752714b1bc36ff78a6580
SHA1

3b9be450a0232c0e879662328a0c8cc33502305b
SHA256

553b0f3d25e0d6b49f50b7ba6b977a9c26313c5184d6b3c3e4f4990a9923d184
SHA512

fb1b135d00f2a3322c97299cb5c5ed80dfe4e0d04e22a3552078ad2c0d59541063bdbad4bb287683ee82defcc244f6787d2b6287a114abdef042f178d12cf98c
SSDEEP

3072:MgUDUT1q0+29RW6Q93rYfghbEhKsJVPP6+9LasA1//7YXg8kHBOnZtT6mwyshf:XV55pRPQdrFhbEhtVacLaN//2gWF6llf

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7420bbcbdc752714b1bc36ff78a6580N.exe

Files

b7420bbcbdc752714b1bc36ff78a6580N.exe
.exe windows:4 windows x86 arch:x86

5dc4d890d100a6a3aa07b5c431c18838

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetLocalTime
CreateThread
GlobalUnlock
GlobalLock
SetFileTime
GetFileTime
GlobalMemoryStatus
FindClose
FindNextFileA
FindFirstFileA
ReadFile
GetFileSize
GetCurrentProcess
TerminateProcess
OpenProcess
GetLastError
HeapFree
HeapAlloc
GetProcessHeap
ExitThread
WriteFile
GetStartupInfoA
CreatePipe
GlobalAlloc
GetComputerNameA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetFileAttributesA
DeleteFileA
GetCurrentDirectoryA
GetLogicalDriveStringsA
TerminateThread
GetVersionExA
ExitProcess
GetTickCount
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetTempPathA
OpenMutexA
Sleep
CreateProcessA
CloseHandle
CreateMutexA
CopyFileA
PeekNamedPipe
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetVersion
GetCommandLineA
RtlUnwind
GetSystemTime
GetTimeZoneInformation
RemoveDirectoryA

advapi32

ControlService
RegDeleteKeyA
QueryServiceStatus
EnumDependentServicesA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
GetUserNameA
OpenEventLogA
ClearEventLogA
CloseEventLog
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

user32

GetClipboardData
OpenClipboard
GetWindowTextA
GetForegroundWindow
GetAsyncKeyState
CloseClipboard
GetClassNameA
PostMessageA
EnumChildWindows
IsWindowVisible
EnumWindows
ExitWindowsEx
ShowWindow
MessageBoxA

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetCrackUrlA
InternetCloseHandle

ws2_32

send
htons
inet_addr
gethostbyname
inet_ntoa
socket
connect
WSAStartup
closesocket
WSACleanup
getsockname
accept
select
listen
htonl
bind
gethostbyaddr
ntohl
WSASocketA
sendto
__WSAFDIsSet
setsockopt
WSAAsyncSelect
gethostname
WSAIoctl
recv
ntohs

Sections

UPX0
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5dc4d890d100a6a3aa07b5c431c18838

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

user32

wininet

ws2_32

Sections

UPX0 Size: 128KB - Virtual size: 128KB

UPX1 Size: 84KB - Virtual size: 84KB

UPX2 Size: 72KB - Virtual size: 72KB

UPX0
Size: 128KB - Virtual size: 128KB

UPX1
Size: 84KB - Virtual size: 84KB

UPX2
Size: 72KB - Virtual size: 72KB