6843fb0431100a18643e5bf7d8e22fb2becc54ed89afdbcfe8609998a910a021 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6843fb0431100a18643e5bf7d8e22fb2becc54ed89afdbcfe8609998a910a021
Size

274KB
MD5

537dde12beb6eab64e684d71e4647e42
SHA1

4a3c1e3ef8bbc65ec6d92b292900822f4f7bc44e
SHA256

6843fb0431100a18643e5bf7d8e22fb2becc54ed89afdbcfe8609998a910a021
SHA512

a3bbbfa71afe7726b00540f3f92aad3f5fa2eaa77c015149842955b46bc4f7632912c15e89a2140008e149a6a26b8e0c860fcd10d3c6c35393d31fe9324693c6
SSDEEP

6144:5Gs26KcikP9LooYTevHQMXyKv0xEMVwyDran0Ww:5Gs26HiWLkIHJXNcxEapvan0Ww

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

6843fb0431100a18643e5bf7d8e22fb2becc54ed89afdbcfe8609998a910a021
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

CreateMainProc
CreateProtectProc
DllCanUnloadNow
DllGetClassObject
RealLogoff
RealLogon
Setup

Sections

UPX0
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 263KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

z?�m
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ