6c3918bd88f5fc27c302bbb3114b4dcf06864ca57a0fbfe79c055c9fdfe0b3a0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6c3918bd88f5fc27c302bbb3114b4dcf06864ca57a0fbfe79c055c9fdfe0b3a0
Size

986KB
MD5

30c8141196752aef83127caf1563d0e0
SHA1

0e9594216a413a7b4404dc7597c02fecc223ebd6
SHA256

6c3918bd88f5fc27c302bbb3114b4dcf06864ca57a0fbfe79c055c9fdfe0b3a0
SHA512

14a94554d109212f71bb3ab389105dd4235dab0d2e11cdfc46e13b95612e9ea8134cdd5e483bac4bc44050379b12051849673eaf2e282ff03379a30ee6992f08
SSDEEP

24576:AbcvZBFuoiTf0fldyb6ncSTPSadVjEFm0ifstZkGEToI:AbcvZBFGIyuLThdaIEtZm

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

6c3918bd88f5fc27c302bbb3114b4dcf06864ca57a0fbfe79c055c9fdfe0b3a0
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

InstallPost
KillProcess
RemoveCallerApp
UnInstallPost

Sections

UPX0
Size: - Virtual size: 1020KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 914KB - Virtual size: 916KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE