2b02abe929beaadd29ecb6feac561ba70aaeaf4ff1916fe5d35b3d5050446e4dN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b02abe929beaadd29ecb6feac561ba70aaeaf4ff1916fe5d35b3d5050446e4dN
Size

416KB
MD5

91831136a43a16ee2caee734f1798510
SHA1

3c1432be3c882e5b50b972362f4a6dd7550c0be6
SHA256

2b02abe929beaadd29ecb6feac561ba70aaeaf4ff1916fe5d35b3d5050446e4d
SHA512

b19fefdfed35ec4c97c2b260a4b4b78ccd843d44395fad3f29311c9348527edbbb22931dce6d8217efc95c366e2cc3e12b21a5ee01b236b8f9845fc6200b8679
SSDEEP

192:rnwkgv7rk927lbWb80aBcW/Ueo1ejK6nwkgv7rk927qKflldx/o:RgX0wbWISWsjIjK0gX0nKffdx/

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b02abe929beaadd29ecb6feac561ba70aaeaf4ff1916fe5d35b3d5050446e4dN

Files

2b02abe929beaadd29ecb6feac561ba70aaeaf4ff1916fe5d35b3d5050446e4dN
.exe windows:4 windows x86 arch:x86

a728b3e7da836984b63fd1c477c0e725

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetTickCount
Sleep

gdi32

ChoosePixelFormat
SetPixelFormat
SwapBuffers
TextOutA

glu32

gluPerspective

opengl32

glBegin
glBindTexture
glBlendFunc
glClear
glClearDepth
glColor3fv
glColor4f
glCopyTexImage2D
glDepthFunc
glDisable
glEnable
glEnd
glHint
glLoadIdentity
glMatrixMode
glOrtho
glPopMatrix
glPushMatrix
glRotatef
glScalef
glShadeModel
glTexCoord2f
glTexImage2D
glTexParameteri
glTranslatef
glVertex2f
glVertex2fv
glViewport
wglCreateContext
wglMakeCurrent

user32

ChangeDisplaySettingsA
CreateWindowExA
DispatchMessageA
GetDC
PeekMessageA
ShowCursor
ShowWindow
TranslateMessage

Sections

UPX0
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE