a8a89dc7e49c78964d005a7156037d39958651d17f21072e01264229e97ee2ce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8a89dc7e49c78964d005a7156037d39958651d17f21072e01264229e97ee2ce
Size

90KB
MD5

a0603f44055307ee7d46bebb4e21e90f
SHA1

d3561959531a31c9fee00ce56095f65d4adc4414
SHA256

a8a89dc7e49c78964d005a7156037d39958651d17f21072e01264229e97ee2ce
SHA512

e9a74708a5bde757a086b07a38f11557fdf2c6833ab9cafa75e2a5db4f3cf846439f308b39698c3d01d4dfbfac52b1425e67fa8b482ca1fc15d7c76248f7893c
SSDEEP

1536:AMNA/V67pTvT9QPIctiC1A5+9xBt/FTofHAF1kw+Y+z7N1B8f8fbOSZGvg9vPVu:AM86ZT9QHcwtTUfgF19+Pz7F8f5SZIgv

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

a8a89dc7e49c78964d005a7156037d39958651d17f21072e01264229e97ee2ce
.dll regsvr32 windows x86

b48c08c2b91cbeb00081797daf9dfe8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
SetHandleCount

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

UPX0
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SUE
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE