98cbcb5ccc8ab47e1e7906b1fe8c1008dfa7b1efbb4f0631ad5b70c28dad0471 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

98cbcb5ccc8ab47e1e7906b1fe8c1008dfa7b1efbb4f0631ad5b70c28dad0471
Size

110KB
MD5

7fb3e517f9f5e532fe4744180d11f58a
SHA1

2cfa4683c7a91ef77673fd4705b28cbaa4787a28
SHA256

98cbcb5ccc8ab47e1e7906b1fe8c1008dfa7b1efbb4f0631ad5b70c28dad0471
SHA512

d51bad7a5a83410ac68ee53a7c34e3af978c41da965a9822270b4ec9ec16d054cb64d1c3a7a4f0b68ba99b53882469d1c6f5a0c77349303d14150211da95f2f6
SSDEEP

768:rfuGKppWZ5OK3abfc9YtDACQestrJopT7adaKe2CSs9TrJT60Gzcydwoj2OwL1EN:rfu352CSs5pydwoj23mxVtJ7u9/ijD

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

98cbcb5ccc8ab47e1e7906b1fe8c1008dfa7b1efbb4f0631ad5b70c28dad0471
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

LpkDllInitialize
LpkDrawTextEx
LpkEditControl
LpkExtTextOut
LpkGetCharacterPlacement
LpkGetTextExtentExPoint
LpkInitialize
LpkPSMTextOut
LpkTabbedTextOut
LpkUseGDIWidthCache
ftsWordBreak

Sections

UPX0
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE