8867a6d0803bd68790d208c1e01d78641959e5fe462f78b357907f2b75960ed1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8867a6d0803bd68790d208c1e01d78641959e5fe462f78b357907f2b75960ed1
Size

348KB
MD5

0aaedee9d8c57e92d4b0543f4dbc0420
SHA1

d525e0706985a3f9bb547d51e0d6e31b16e5f012
SHA256

8867a6d0803bd68790d208c1e01d78641959e5fe462f78b357907f2b75960ed1
SHA512

b2d3cb540a4d6edb7f96b3a1ac6b8c11f3d931bb2d4759325f5ad7256baac76eae1740449271fffdb3f6dc4f8a8b7b6cb6b420bcb8bf5f5e389a826bac01c728
SSDEEP

6144:WWTgAYQSbTZsM5+qeXyGIT4cqvqOxagTEw29kSANaLa64v2cc29:WWUnxZ9d0hVGT9C0La64uH

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

8867a6d0803bd68790d208c1e01d78641959e5fe462f78b357907f2b75960ed1
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

winampGetExtendedFileInfo
winampGetInModule2
winampSetExtendedFileInfo
winampWriteExtendedFileInfo

Sections

UPX0
Size: - Virtual size: 396KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 233KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE