fdcdc4cc9dc94a5d00d6431c026f0cd1fd41e1f682fd342e8e0e3a9ba895e8bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fdcdc4cc9dc94a5d00d6431c026f0cd1fd41e1f682fd342e8e0e3a9ba895e8bb
Size

270KB
MD5

36628fd47e39fbc37c15048cc82f4700
SHA1

703dc2d76054c697ff775a3a49d12a6e2469a09c
SHA256

fdcdc4cc9dc94a5d00d6431c026f0cd1fd41e1f682fd342e8e0e3a9ba895e8bb
SHA512

d5a0a46ff432c207d2df5fa110aee517982d29da3ecbad1b56941f56f9e47b895e99bbf1b2205022bf390b0172245b15a966c4612324fb7ffb0ce56e5eaaa658
SSDEEP

6144:/kQxoe0+GuIhbDzYey4uqIA+n0VzDNMqhPsOTnwxoRgm3pvql3:/+e0uybnJfIA8Oz1hPsToRg4pC9

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

fdcdc4cc9dc94a5d00d6431c026f0cd1fd41e1f682fd342e8e0e3a9ba895e8bb
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

CreateMainProc
CreateProtectProc
DllCanUnloadNow
DllGetClassObject
SetVM
SysLogoff
SysLogon

Sections

UPX0
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 263KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE