cd89168bea4f57649d7c3a3d9d74fd764e67edc1da438fd837a50326c82bd85c | Triage

Sharing

General

Target

cd89168bea4f57649d7c3a3d9d74fd764e67edc1da438fd837a50326c82bd85c
Size

68KB
MD5

ea836f8d7cb3720c7e74c7950698cb49
SHA1

6c2ed702f79a6998fbff383564e9f48dc7c2d711
SHA256

cd89168bea4f57649d7c3a3d9d74fd764e67edc1da438fd837a50326c82bd85c
SHA512

70746fa7747a37c5bc1bb2a8cd59149798e41788153cfb30434671f21f98ceb35c38c29dbbe434da177ea8c9f55db4f1172851fe437fbb5601eabd999a29cd67
SSDEEP

768:nHpI5EBmwLXHN6RRHHdB+BmHY97o014/89GH4X6Mgd90YQFO6ZXsSKhAUlxSoLG:nJIMlt6RRdOm214/hVh4KhHnZS

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

cd89168bea4f57649d7c3a3d9d74fd764e67edc1da438fd837a50326c82bd85c
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllCanUnloadNow
DllGetClassObject
inject

Sections

UPX0
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.new
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE