eea4b7e4c35f05fa218336b48246bb7c3cd0e7cddb436ba0a988a235b01098d5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eea4b7e4c35f05fa218336b48246bb7c3cd0e7cddb436ba0a988a235b01098d5
Size

322KB
MD5

dc7def9d37420f0e6634f5e791a6e290
SHA1

1d25d4baa948a7b7ed40a6d3c81b0cfa0d401ff1
SHA256

eea4b7e4c35f05fa218336b48246bb7c3cd0e7cddb436ba0a988a235b01098d5
SHA512

93c75e900091d6cd81d7ce06b3e6e67f028216623f9010bc4af120b525107d1faf143dcc3e40a3f82a015d7f32ce28909b86f29ed7b8aa169add58f26a883e74
SSDEEP

6144:J+8lWmruD+eppvmumP42ATt5dUsZrZXG0GP+Rg1f6oeAVONjaTLsthU:HXruayvmumPCt0wdXG7+RgniNdrU

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

eea4b7e4c35f05fa218336b48246bb7c3cd0e7cddb436ba0a988a235b01098d5
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetPlugInInfo
ReadAWD

Sections

UPX0
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 159KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 156KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE