22d86641611138814feaf99603358ffa553afca48f24ada40a2a2e009e00a903 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22d86641611138814feaf99603358ffa553afca48f24ada40a2a2e009e00a903
Size

104KB
MD5

305256ef0d75b63b0d2ee926e54e69b0
SHA1

19c145cb29c56e3e40d5b161eafa5e12efe40516
SHA256

22d86641611138814feaf99603358ffa553afca48f24ada40a2a2e009e00a903
SHA512

ee6c4cc18f8b2b3a9f3250e36bea934227613b431a8b22691cafe01498c5175ec6e293bfa3f3a20da637183f212d3e141eb9d18df661d462f2e252fcf79eddf8
SSDEEP

1536:9LM9Q0g2NT8Fbk3cdgUcmkij+FfYOIa5UTPUY7ZtZAapKusDieqwVWLH:9L0LJ3Ys0+BYYWJkDi9wU

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

22d86641611138814feaf99603358ffa553afca48f24ada40a2a2e009e00a903
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

GetVcodeFromBuffer
GetVcodeFromFile
GetVcodeFromHBitmap
GetVcodeFromHWND
GetVcodeFromIECache
GetVcodeFromURL
LoadCdsFromBuffer
LoadCdsFromFile

Sections

UPX0
Size: - Virtual size: 280KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 44KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE