dd801d1f4c25ca6a0d264360c79026eb80380697fbfb6808a4217d3e2d4968a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd801d1f4c25ca6a0d264360c79026eb80380697fbfb6808a4217d3e2d4968a4
Size

360KB
MD5

793e630a9fbdfa974cbd71fc5e20aa7c
SHA1

e82bc58f5405939d651d59f79b350c9dfc2f031e
SHA256

dd801d1f4c25ca6a0d264360c79026eb80380697fbfb6808a4217d3e2d4968a4
SHA512

81c4a663f243021afe4c7427920d7a18543cfd3f18f5a497fbec661ced4c2ca0c761ee0e17d27b46ee4cc07519a5d8f0d66e12393473d70543f992ab29a71d9c
SSDEEP

3072:dkeCkmBAzoCv2UDNwQhk0wy0/Uu2oHgsYhnC:yVwoby4QIYc

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

dd801d1f4c25ca6a0d264360c79026eb80380697fbfb6808a4217d3e2d4968a4
.dll regsvr32 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

UPX0
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UPX1
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE