98bb12a403185e5817c7ef02d2360cf5e910138aa20c7a62a469c2d59ed7178c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

98bb12a403185e5817c7ef02d2360cf5e910138aa20c7a62a469c2d59ed7178c
Size

120KB
MD5

34af75dc8ee5f330998b03b9b553ec5c
SHA1

3b9b7a4c52c4001b96f2f6ceb5ddc656c1436f60
SHA256

98bb12a403185e5817c7ef02d2360cf5e910138aa20c7a62a469c2d59ed7178c
SHA512

f2da9e2b1d558b585bf2e81c0de7bc9e7df8975dc88e2f678fda2e1e4b837e618eca32bba6992301c95a553de05842b8987b8f82aa0eed3e0c021c530bb139ab
SSDEEP

3072:V3M1x2bvwVz7xbRgP2VrKrh12yd66j4eTXghTVF8uAIXw6LQ6USOI:1M1Qb25RgPVr32yM6DghTvzLQ

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

98bb12a403185e5817c7ef02d2360cf5e910138aa20c7a62a469c2d59ed7178c
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllCanUnloadNow
DllGetClassObject
setvm

Sections

UPX0
Size: - Virtual size: 152KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 110KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ