5feb941ceb1a30c795cce022484d13a8002c456af04f836dfafda9abe6cdf4b0 | Triage

Sharing

General

Target

5feb941ceb1a30c795cce022484d13a8002c456af04f836dfafda9abe6cdf4b0
Size

268KB
MD5

40967858fc59d657cfda10d19a0c8f44
SHA1

6d5d03494bcf6b1feb05740fcf718d9483dac6f5
SHA256

5feb941ceb1a30c795cce022484d13a8002c456af04f836dfafda9abe6cdf4b0
SHA512

2992c6ca6493764054ed8a144b209fc23cedcf83540b9d86e49bb9553e512ac5b06bcf39aee8d7905db2f85a8db7c55252a783937f320bc1a08c31847cd2e62b
SSDEEP

6144:A4QXZ2QsisMGwq5ZVmZr7QWw3xTtdUs6swymlqtmI:zispwiIZr7QH9RClqtL

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

5feb941ceb1a30c795cce022484d13a8002c456af04f836dfafda9abe6cdf4b0
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

CreateMainProc
CreateProtectProc
DllCanUnloadNow
DllGetClassObject
SetVM
SysLogoff
SysLogon

Sections

UPX0
Size: - Virtual size: 456KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 261KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE