c130bb18a3f9c6179ce7fd8ad278568a22d4acd002435753305ab5a00e975848 | Triage

Sharing

General

Target

c130bb18a3f9c6179ce7fd8ad278568a22d4acd002435753305ab5a00e975848
Size

22KB
MD5

0460ac88e94172834272ad98278ca07a
SHA1

8396def03dfad2dc6e73216f057908c7c3225fb9
SHA256

c130bb18a3f9c6179ce7fd8ad278568a22d4acd002435753305ab5a00e975848
SHA512

93d25791d4aa9eddcaf85ba333f263cd238453f303c9770e192892af24adf550d4e138e3273b573bc8c0dcc868bab459be324674770d11df7834942835322ab7
SSDEEP

384:wqR/vp7eM0eJuSWw2pxN0+ZsklraUATmKJG0:F/vpyM0ouLwspZsubAT

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

c130bb18a3f9c6179ce7fd8ad278568a22d4acd002435753305ab5a00e975848
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

Activate
DllCanUnloadNow
DllGetClassObject
HookProc
Logoff
Logon
Start

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE