fc9244bed842aa70ec34de24b97320a933bd36d10374abe9796d636a3f1878fe[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

fc9244bed842aa70ec34de24b97320a933bd36d10374abe9796d636a3f1878fe.exe
Size

368KB
MD5

2401392f07273e35bb92523c0133f827
SHA1

c66b7cbf24157d8d07b25287045cafb824bd5759
SHA256

fc9244bed842aa70ec34de24b97320a933bd36d10374abe9796d636a3f1878fe
SHA512

c5c4a65f735a4f3af79d72637a14bd715927865dd7215aa3c74aea30e0dc5327546f25f0801e47c06c3663cd022040302c7a6ddf56bb37177d9437c6b851356e
SSDEEP

6144:sQz6R5TuJSMjFqW7NMkdNwBzeR2Oxk7KtM:pz6R5TuwQqW7KkvNDK

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc9244bed842aa70ec34de24b97320a933bd36d10374abe9796d636a3f1878fe.exe

Files

fc9244bed842aa70ec34de24b97320a933bd36d10374abe9796d636a3f1878fe.exe
.exe windows:10 windows x86 arch:x86

0d38267788c1f87a9d78b8a304a557bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
ExitProcess
GetCurrentProcessId
QueryPerformanceCounter
LeaveCriticalSection
InterlockedIncrement
SetLastError
GetModuleHandleA
LoadLibraryA
LoadLibraryA
GetCurrentProcessId
GetModuleHandleA
VirtualFree
WriteFile
VirtualAlloc
UnhandledExceptionFilter
HeapFree
GetCurrentThreadId
InitializeCriticalSection
GetProcessHeap
GetCurrentThreadId
ReadFile
LoadLibraryA
GetModuleHandleW
HeapReAlloc
MultiByteToWideChar
CreateThread
GetProcessHeap
SetUnhandledExceptionFilter
GetStartupInfoA
CloseHandle
LocalFree
ExitProcess
HeapFree
GetCurrentProcessId
WaitForSingleObject
GetCommandLineW
SetEvent
GetModuleFileNameA
CreateFileW
CreateFileA
GetCommandLineA
CreateThread
LoadLibraryW
DeleteCriticalSection
VirtualAlloc
SetLastError
ReadFile
WaitForSingleObject
LeaveCriticalSection
GetCurrentProcess
GetCommandLineW
DeleteCriticalSection
GetCommandLineW
GetCommandLineW
SetUnhandledExceptionFilter
HeapDestroy
SetFilePointer
MultiByteToWideChar
GetACP
WaitForSingleObject
FormatMessageW
ExitProcess
LeaveCriticalSection
InterlockedDecrement
GetCommandLineW
SetLastError
VirtualFree
GetStartupInfoA
GetCurrentProcess
GetACP
GetProcessHeap
GetModuleHandleA
GetTickCount
TerminateProcess
lstrcpyW
HeapAlloc
Sleep
CreateThread

shell32

SHGetSpecialFolderPathW
DragAcceptFiles
DragQueryFileW
CommandLineToArgvW
ExtractIconExW
DragAcceptFiles
ExtractIconExW
SHChangeNotify
SHGetDesktopFolder
SHGetDesktopFolder
ExtractIconW
DragAcceptFiles
SHGetDesktopFolder
SHGetDesktopFolder
SHGetPathFromIDListW
DragQueryFileW
SHGetFileInfoW
DragAcceptFiles
SHGetMalloc
SHGetFolderPathW
SHGetMalloc
ShellExecuteExW
SHGetDesktopFolder
ShellAboutW
Shell_NotifyIconW
Shell_NotifyIconW
SHGetSpecialFolderLocation
Shell_NotifyIconW
Shell_NotifyIconW
DragAcceptFiles
CommandLineToArgvW
SHGetPathFromIDListW
CommandLineToArgvW
Shell_NotifyIconW
DragQueryFileW
CommandLineToArgvW
ExtractIconW
ExtractIconW
SHGetMalloc
CommandLineToArgvW
ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW
DragQueryFileW
SHGetMalloc
ShellAboutW
SHGetFolderPathW
SHGetFolderPathW
SHGetMalloc
SHGetDesktopFolder
SHGetDesktopFolder
SHGetFileInfoW
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
ExtractIconW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHChangeNotify
DragFinish
SHGetDesktopFolder
ShellAboutW
SHGetSpecialFolderPathW
SHGetPathFromIDListW
DragQueryFileW
SHGetFolderPathW
ShellAboutW
ShellExecuteExW
ExtractIconExW
SHChangeNotify
SHChangeNotify
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetMalloc
Shell_NotifyIconW
SHChangeNotify
SHGetSpecialFolderLocation

user32

GetDesktopWindow
LoadMenuW
MessageBoxA
SendMessageA
SetCursor
GetDlgItem
MessageBoxW
wsprintfW
GetSystemMetrics
IsDialogMessageW
MessageBoxA
DrawTextW
WinHelpW
SetForegroundWindow
DispatchMessageA
SetForegroundWindow
CharNextW
FindWindowW
EndPaint
CallWindowProcW
RegisterClassExW
FillRect
MessageBeep
SetForegroundWindow
EndDialog
SetTimer
ReleaseCapture
CloseClipboard
GetCursorPos
GetClientRect
EndPaint
LoadStringA
SetFocus
TranslateMessage
SendDlgItemMessageW
GetWindowRect
UpdateWindow
SetCapture
wsprintfW
GetDlgItem
GetWindow
GetParent
DispatchMessageW
EndDialog
IsWindowVisible
DefWindowProcW
RegisterClassW
DestroyMenu
SetWindowLongW
GetDlgItem
PeekMessageW
MessageBoxA
IsDialogMessageW
wsprintfW
GetDesktopWindow
GetClientRect
FindWindowW
ShowWindow
IsWindowVisible
GetKeyState
IsWindowVisible
LoadStringA
EnableWindow
CreateDialogParamW
PostQuitMessage
LoadStringA
SendDlgItemMessageW
DestroyMenu
KillTimer
SendMessageA
DispatchMessageA
MapWindowPoints
GetSysColor
GetFocus
GetWindow
DrawTextW
GetCursorPos
MessageBeep
PostQuitMessage
LoadIconW

Sections

UPX0
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0d38267788c1f87a9d78b8a304a557bc

Headers

File Characteristics

Imports

kernel32

shell32

user32

Sections

UPX0 Size: 120KB - Virtual size: 120KB

UPX1 Size: 56KB - Virtual size: 56KB

.rsrc Size: 4KB - Virtual size: 4KB

.rmnet Size: 184KB - Virtual size: 184KB

UPX0
Size: 120KB - Virtual size: 120KB

UPX1
Size: 56KB - Virtual size: 56KB

.rsrc
Size: 4KB - Virtual size: 4KB

.rmnet
Size: 184KB - Virtual size: 184KB