65cfe1bd58a51b5266635deb660e0120f6d0c52875c26043bd652019e475df49 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65cfe1bd58a51b5266635deb660e0120f6d0c52875c26043bd652019e475df49
Size

47KB
MD5

572449be9fceccea041f4e05fdfc309d
SHA1

51359eee45d973e9f854dd9d673c4cca4951c22e
SHA256

65cfe1bd58a51b5266635deb660e0120f6d0c52875c26043bd652019e475df49
SHA512

fbfc8f910cd680531d88240f19e44e66b66a037f40f93ec2c2cf5c33e9a55ddbfe99e85fdbff838aa4fb38f3938bc9e0aec14dd95c99ee0de160f6add1eb7b02
SSDEEP

768:9g/EIcuLTa4C7yU3bDre66eIXK9rwXnTHJJiEOR+RRRlQpo:9jIR5C1rH7uIrw3DZRio

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

65cfe1bd58a51b5266635deb660e0120f6d0c52875c26043bd652019e475df49
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllCanUnloadNow
DllGetClassObject
rundll

Sections

UPX0
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ