1827793bf9b5b84e3be2ba5e8aa5fa84104f8ad188dde9b049c8a8957dee591e | Triage

Sharing

General

Target

1827793bf9b5b84e3be2ba5e8aa5fa84104f8ad188dde9b049c8a8957dee591e
Size

216KB
MD5

713aba775ae933e0a962fd4eb76e4f00
SHA1

6431410788fffeb3eed8262585263e007f0fbc79
SHA256

1827793bf9b5b84e3be2ba5e8aa5fa84104f8ad188dde9b049c8a8957dee591e
SHA512

91fc4762e28366e3e0ce4e3a7c8dd63f47b65297c99a904348f7d5234c1869f0f20c218da1a7ef815ed37fa159f648dab1f282d5c8fac5c07993736078c9f31d
SSDEEP

6144:Ehrl1NWPLfVYF3xqEhNR7mYd+Y2oSM+G:kjWjVymYotoSM

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

1827793bf9b5b84e3be2ba5e8aa5fa84104f8ad188dde9b049c8a8957dee591e
.dll regsvr32 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
Lkddcpm
DllMain
DllRegisterServer
DllUnregisterServer
ServiceMain

Sections

UPX0
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE