caac32440a3fa8608b1bf6f4e1062ff21a2951f739e813ed693148d58c078ecf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

caac32440a3fa8608b1bf6f4e1062ff21a2951f739e813ed693148d58c078ecf
Size

275KB
MD5

479fc94ffb25c4e83d3d87be2a7b46eb
SHA1

551bc5c29b69ee37753b4e5fcd6c48a866044158
SHA256

caac32440a3fa8608b1bf6f4e1062ff21a2951f739e813ed693148d58c078ecf
SHA512

adbfcb2db303c5ca37490ead1f2140d76a9fcaff322aaa478fac4ead572649a5e4ea97a626cb4e33e59557ba9b202e0d5b149a778282458f1d02f130e36e5867
SSDEEP

3072:Wt8rsF+k1djAei165y8ohhzMLGTwcTVCepTLIZXaF75ZQwydSjaL8tQDg3U2i1Z2:URdi16C7x+kF75SwQpgVPoHukfW8e1l

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

caac32440a3fa8608b1bf6f4e1062ff21a2951f739e813ed693148d58c078ecf
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

CreateMainProc
CreateProtectProc
DllCanUnloadNow
DllGetClassObject
Setup
SysLogoff
SysLogon

Sections

UPX0
Size: - Virtual size: 476KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 264KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ