83a1b50ec0e132662911d1814dcdaa9c22bc94b0cdc09d62aa10e90b500a1914 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83a1b50ec0e132662911d1814dcdaa9c22bc94b0cdc09d62aa10e90b500a1914
Size

216KB
MD5

93a41dca2ebe8ec5f7069baf7e73403c
SHA1

9154a7e64f910e1c9ce5c09adb3709b5b481a8fc
SHA256

83a1b50ec0e132662911d1814dcdaa9c22bc94b0cdc09d62aa10e90b500a1914
SHA512

20c3551cb70052e1462f48f56f87d461a516b2595e27e744d42fbaef024227ee936568d57263b6692e76e8e8eaf284155c02b9a08faebcb0581974a8bf116627
SSDEEP

6144:Lhrl1NWPLfVYF3xqEhNR7mYd+Y2oSKOgE:HjWjVymYotoSK2

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

83a1b50ec0e132662911d1814dcdaa9c22bc94b0cdc09d62aa10e90b500a1914
.dll regsvr32 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Kmmadon
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

UPX0
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE