Sample details: 707ec8d1e25478025caa0f9921d6a36e (MD5)

Hashes
MD5: 707ec8d1e25478025caa0f9921d6a36e
SHA1: 88930c907fec6bb82b274bc874e9f30bb2550ec9
SHA256: 98874764ad84e17bdb1a5638c9701a9c234a8174118cd0109e8d66438be6874d
SSDEEP: 192:5UtXgFvnmLdvh/AiYvC8AS0uGDC1cxw2/Mw1sTyd1wTtrCUWb6pQs220:mgvne5VMASfG2u62Uq1wTtrCtbDs2
Details
File Type: PE32
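Yara Hits (rule matches only. The YRP/* rules are generic file-trait and capability heuristics; the anti_dbg hit may reflect nothing more than the IsDebuggerPresent import listed under Strings, which the MSVC runtime also pulls in. The FlorianRoth/DragonFly_APT_Sep17_3 hit is a signature match to corroborate with other evidence, not an attribution on its own.)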
YRP/Microsoft_Visual_Cpp_V80_Debug | YRP/Microsoft_Visual_Cpp_80_Debug_ | YRP/Microsoft_Visual_Cpp_80_Debug | YRP/IsPE32 | YRP/IsConsole | YRP/HasDebugData | YRP/IsBeyondImageSize | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/anti_dbg | YRP/win_files_operation | FlorianRoth/DragonFly_APT_Sep17_3 |
Source (URLs the sample was reportedly retrieved from)
http://103.68.190.250/Sources//Advance/BJWJ/Builds/Bin/Release/UpxHelper.exe
http://103.68.190.250/Sources//Advance/BJWJ/Builds/Bin/Release%20DEBUGCONFIG/UpxHelper.exe
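Strings (printable strings extracted from the binary, reproduced verbatim, including the author's original spelling)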
		!This program cannot be run in DOS mode.
'_.ac>@2c>@2c>@2}l
2a>@2}l
2p>@2D
;2`>@2c>A2U>@2}l
2f>@2}l
2b>@2}l
2b>@2Richc>@2
.textbss
`.rdata
@.data
.idata
@.reloc
t"h@YA
bad allocation
Use: path to MiniLoader, path to source file, path to target file, magickey
UPX_HELP:	need parameters
UPX_HELP: successful 
UPX_HELP: I can'nt write to [ %s ] 
UPX_HELP: [ %s ] is very big
UPX_HELP: I can'nt read from [ %s ] 
UPX_HELP: conflict two equal string '%s'
UPX_HELP: not found '%s'
H:\ProgramSources\commerc\C++\UpxHelper\Debug\UpxHelper.pdb
lstrcmpA
HeapAlloc
GetProcessHeap
HeapFree
CloseHandle
ReadFile
GetFileSize
CreateFileA
CreateFileW
WriteFile
KERNEL32.dll
memcpy
printf
strncmp
MSVCR90D.dll
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_amsg_exit
__getmainargs
_XcptFilter
_cexit
__initenv
_CrtSetCheckCount
_CrtDbgReportW
_initterm
_initterm_e
?terminate@@YAXXZ
_controlfp_s
_invoke_watson
_unlock
__dllonexit
_onexit
_decode_pointer
_except_handler4_common
_crt_debugger_hook
InterlockedExchange
InterlockedCompareExchange
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
    <security>
      <requestedPrivileges>
        <requestedExecutionLevel level="asInvoker" uiAccess="false"></requestedExecutionLevel>
      </requestedPrivileges>
    </security>
  </trustInfo>
  <dependency>
    <dependentAssembly>
      <assemblyIdentity type="win32" name="Microsoft.VC90.DebugCRT" version="9.0.21022.8" processorArchitecture="x86" publicKeyToken="1fc8b3b9a1e18e3b"></assemblyIdentity>
    </dependentAssembly>
  </dependency>
</assembly>
3%3-333=3k3q3{3
4b5h5r5x566R6Y6z6
7;8g8q8
9$9*90969<9B9H9N9k9s9~9
96:C:H:M:S:Y:^:c:i:q:w:
;";G;O;d;m;v;{;
<2<:<C<I<P<W<^<l<r<z<
?,?:???D?
0.0B0H0X0]0o0
2'2<2H2T2d2
384=4O4h4
6<6B6H6N6T6Z6a6h6o6v6}6