f9781e97b74c0475766ffb389c4ec9c9bc84885c541b4056057a8cf318368ab0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9781e97b74c0475766ffb389c4ec9c9bc84885c541b4056057a8cf318368ab0
Size

274KB
MD5

56f62549e1c5ac1c4374dfaa5e0f48eb
SHA1

ccc21e1de8aa14865a77d366fde6f501cfdce07f
SHA256

f9781e97b74c0475766ffb389c4ec9c9bc84885c541b4056057a8cf318368ab0
SHA512

8d11d207c16327eae6cfcdae8370d550e566f02d0643642a9858036848961a22d6bd7035a960aadf018c82718e8767f6adee3b9ac0ad22aef7cd2bb01f31c3ed
SSDEEP

6144:BdCxw+O1nZ5xWInmP1SnvvOP9ZPTgsAkwLwb0nnEN7U:O8nYI8SnvIPhVwL80nEN7U

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

f9781e97b74c0475766ffb389c4ec9c9bc84885c541b4056057a8cf318368ab0
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

CreateMainProc
CreateProtectProc
DllCanUnloadNow
DllGetClassObject
RealLogoff
RealLogon
Setup

Sections

UPX0
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 263KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�8��
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ