b1246cd7c4703f391353b4fe839c884b98cac83394c09d2287a9532626836a6b

General

Target

b1246cd7c4703f391353b4fe839c884b98cac83394c09d2287a9532626836a6b
Size

124KB
MD5

16c62a2157fcbe0fc9db6b4151c5212f
SHA1

05d72258655a965f91e430f83963e9f5c526b571
SHA256

b1246cd7c4703f391353b4fe839c884b98cac83394c09d2287a9532626836a6b
SHA512

769228d8a832f2f50b74cad6d356d409495e66599509ffc5f0c08f29de8213f156c1fa14f2ebc33ddc64e03d94d9a384734401f501c12b9189519dc674002921
SSDEEP

768:5zJOr7cYFXS9KSBK89GsqxWSDwU7Oo0pGyA7tcqrn0YmBSCrDJILkaWdEI/BaTWf:5zEwYpKTniUSh6jSt1cIIvFQWUGgcHJ

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1246cd7c4703f391353b4fe839c884b98cac83394c09d2287a9532626836a6b

Files

b1246cd7c4703f391353b4fe839c884b98cac83394c09d2287a9532626836a6b
.exe windows:4 windows x86 arch:x86

8561e6afb8bc42efa20f0f19abedabae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
GetFileSize
CreateFileA
lstrlenA
GetCurrentProcessId
GetModuleFileNameA
GetModuleHandleA
GetTickCount
LoadLibraryA
HeapAlloc
GetProcessHeap
Sleep
lstrcatA
WaitForSingleObject
GetLastError
CreateMutexA
ExitProcess
DeleteFileA
HeapFree
ReleaseMutex
CopyFileA
GetTempPathA
HeapDestroy
HeapCreate
ReadFile
Process32First
lstrcmpiA
CreateToolhelp32Snapshot
GetProcAddress
GetCompressedFileSizeA
GetFileAttributesA
SetLastError
Module32Next
Module32First
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetComputerNameA
GetFileTime
GetSystemTimeAsFileTime
lstrcmpA
WideCharToMultiByte
GetStartupInfoA
GetCommandLineA
CloseHandle
Process32Next
WriteFile

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor

Sections

UPX0
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8561e6afb8bc42efa20f0f19abedabae

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

UPX0 Size: 20KB - Virtual size: 20KB

UPX1 Size: 28KB - Virtual size: 28KB

.rsrc Size: 72KB - Virtual size: 72KB

UPX0
Size: 20KB - Virtual size: 20KB

UPX1
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 72KB - Virtual size: 72KB