26b1684e156774a03ab696ea48429da8a37afdd8cc95fc4cc64e2036d50ea496 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26b1684e156774a03ab696ea48429da8a37afdd8cc95fc4cc64e2036d50ea496
Size

65KB
MD5

4fd8ad1899f8f6ef7fdb46d9a612e01d
SHA1

3f47717d7b09aa9507b0a55dba21c9901169f1b5
SHA256

26b1684e156774a03ab696ea48429da8a37afdd8cc95fc4cc64e2036d50ea496
SHA512

46c983980ec5d1984fa0bf8377fa8beb9e35d98ad182f94cef869d692b4ed13bd827a6e54581f1dfc0afc23f95eb143e013f9fe31aba3b33b3015e7b4dc31492
SSDEEP

1536:BYMNFQ7ud6Dh3WfsqB55ygcirqrO4M8TLdAC8BI6p8hN:BYgQm6x4hyWilTZApAN

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

26b1684e156774a03ab696ea48429da8a37afdd8cc95fc4cc64e2036d50ea496
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

GetSkillName2
StartAutoPotionBlue
StartAutoPotionRed
StopAutoPotionBlue
StopAutoPotionRed

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE