f2578211f7ef4825f665b792f907d731335577ba02ce8bf5ab3445290a6bac86 | Triage

Sharing

General

Target

f2578211f7ef4825f665b792f907d731335577ba02ce8bf5ab3445290a6bac86
Size

1.5MB
MD5

80475c552988c0958eab8bccd22bb098
SHA1

6611290f83eab4d8f8be016c95407802b99cc0f2
SHA256

f2578211f7ef4825f665b792f907d731335577ba02ce8bf5ab3445290a6bac86
SHA512

ed5a1f59f3edc7ff4238990418915bc140f1aab89af09e81f45a41de8c5f840cdb8d4d485e796ad43cae8f5b36019f7bed72a0850d7188b83aef3c743e1b4ddc
SSDEEP

24576:X1i2I92I9SRUMuWwqynqgf9ihSvY0L94:FNGuSQ0x

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

f2578211f7ef4825f665b792f907d731335577ba02ce8bf5ab3445290a6bac86
.dll regsvr32 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

UPX0
Size: 976KB - Virtual size: 976KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 451KB - Virtual size: 452KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE