eb46e2e3408e4a397015355de9c66d3ba1b93577034316975eea5d15147f458d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb46e2e3408e4a397015355de9c66d3ba1b93577034316975eea5d15147f458d
Size

90KB
MD5

56a24d3751c4f613bc7dfd8e81de254f
SHA1

79e40e9429f28b379619135705a8a3777ba92b75
SHA256

eb46e2e3408e4a397015355de9c66d3ba1b93577034316975eea5d15147f458d
SHA512

e223e6d8687c96a30ef9c96bf2ec12e1cf35ebb10cf1f637df36563df67b4dcfc9c311a0f37354115dbf95561ecb5890163dfa1d18220f173e77f2c2c0fe20da
SSDEEP

1536:yO0hixWdn0U8AoD8Se0KPxS9JwcCUIVD2SJHt9Xgc8X+:ytcG0U8HD8SKPxcSNlg+

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

eb46e2e3408e4a397015355de9c66d3ba1b93577034316975eea5d15147f458d
.dll regsvr32 windows x86

b48c08c2b91cbeb00081797daf9dfe8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
SetHandleCount

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

UPX0
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SUE
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE