82a74d0e2c89c97918b542eab37a4b62e24e92cfc10aa68157a3501b8ba41edf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

82a74d0e2c89c97918b542eab37a4b62e24e92cfc10aa68157a3501b8ba41edf
Size

838KB
MD5

51791a33fbaaee7fa00dee1a45af62c0
SHA1

da0a1bf0d8a7c51c6b3ef9f98f3c1d7e824f0a27
SHA256

82a74d0e2c89c97918b542eab37a4b62e24e92cfc10aa68157a3501b8ba41edf
SHA512

8e6c2a82a2e4a9dd7832b76cb172c901d44731462616bdd7730e51fb57cb395c31c7895e54bb81bfa6d37fbdc469b941b1f01df4938e226da9215a037bd5a5dd
SSDEEP

12288:k4SMpJcv7N0Zx4OXkXZ1g4KNtkiDPR/TNyEoB:PJczN4x4OCZPKPPR/5A

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

82a74d0e2c89c97918b542eab37a4b62e24e92cfc10aa68157a3501b8ba41edf
.dll regsvr32 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProductSKU
InstallEngineTypelib
RemoveEngineTypelib

Sections

UPX0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 351KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 357KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE