86089835dbbb20d402e6b16df2763358fc83ba57e7e7d965811006d28dd60c16 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86089835dbbb20d402e6b16df2763358fc83ba57e7e7d965811006d28dd60c16
Size

216KB
MD5

e67f70127b1125a9ed9368ed9005d798
SHA1

56139bcb252fa579c83bb76b63a7a2824d892d7d
SHA256

86089835dbbb20d402e6b16df2763358fc83ba57e7e7d965811006d28dd60c16
SHA512

2fe125e7645d1d6adb876a1ca491259bf41894b78a223f570bd82ee4098da929a1fcb5f5ca5764de3f93400600223e04cf2d8c6e5bf0aeaf931bfff3b39a7742
SSDEEP

6144:Ahrl1NWPLfVYF3xqEhNR7mYd+Y2oSSOgT:YjWjVymYotoSS1

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

86089835dbbb20d402e6b16df2763358fc83ba57e7e7d965811006d28dd60c16
.dll regsvr32 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Honaabc
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

UPX0
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE