5ac9d6dd54243122c22f911fc09f10765a46b622673eb24e63a4bcbc435ca9d8N

General

Target

5ac9d6dd54243122c22f911fc09f10765a46b622673eb24e63a4bcbc435ca9d8N
Size

1.3MB
MD5

947a15d804bb55bc5fb4bf164edade90
SHA1

57b5971db1e310cca0814580d11ae8c2f06af6f0
SHA256

5ac9d6dd54243122c22f911fc09f10765a46b622673eb24e63a4bcbc435ca9d8
SHA512

f28e97a406f64414e65133f33d177204339f4d7d009a527e584ec01aa40ff183c82f458aa4bf2e28d3dcc7a29b917d7e6c4cce91a8ee23ebb08d54897432912b
SSDEEP

24576:udV++n/Br9kezKJNR+sqwaHkDLSOn0WbLW/g7lkjz9fxnSh+1Tf4G5oomG5G05Ly:ubkezAR+sqwaEDV0CRRkV5nRb1Z5GILy

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ac9d6dd54243122c22f911fc09f10765a46b622673eb24e63a4bcbc435ca9d8N

Files

5ac9d6dd54243122c22f911fc09f10765a46b622673eb24e63a4bcbc435ca9d8N
.exe windows:5 windows x86 arch:x86

bec2e84917201de5150cbf619ed4ed9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey

comctl32

ImageList_Destroy

gdi32

SetStretchBltMode

kernel32

SetEndOfFile

oleaut32

SysAllocString

shell32

ShellExecuteA

user32

OpenClipboard

winmm

midiStreamRestart

winspool.drv

ClosePrinter

ws2_32

recv

comdlg32

GetFileTitleA

ole32

CLSIDFromProgID

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

UPX0
Size: 400KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 952KB - Virtual size: 952KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bec2e84917201de5150cbf619ed4ed9f

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

oleaut32

shell32

user32

winmm

winspool.drv

ws2_32

comdlg32

ole32

msvcrt

iphlpapi

psapi

Sections

UPX0 Size: 400KB - Virtual size: 1.0MB

.sedata Size: 952KB - Virtual size: 952KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.sedata Size: 4KB - Virtual size: 4KB

UPX0
Size: 400KB - Virtual size: 1.0MB

.sedata
Size: 952KB - Virtual size: 952KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.sedata
Size: 4KB - Virtual size: 4KB