01af672296021fecf55034554dacd2efb9efab9b3f2c1fdf393e9ef5645880dc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01af672296021fecf55034554dacd2efb9efab9b3f2c1fdf393e9ef5645880dc
Size

150KB
MD5

a44255a6fbf379efc3e6fbf59366130a
SHA1

d84c823b29dc8ef2f793f8c849a67adc079ad0b8
SHA256

01af672296021fecf55034554dacd2efb9efab9b3f2c1fdf393e9ef5645880dc
SHA512

145f1d276c85b2a3afd85c7329cb74568df915ec8e8136e59b4d09e0048ca7357ca7d1bb7cdcaff1247c65380b0a1f0e5f716bf5e7452e961b3f1d19d7dbcd79
SSDEEP

3072:DJT0pmkbw5LSes4QKGnY01CaqlA9n9S7PgPqtDAP5BSMY94RLdK08dLYdt7BI5:apvbwpSjoGY0gaqCV8bgPpji4RLdH8dZ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01af672296021fecf55034554dacd2efb9efab9b3f2c1fdf393e9ef5645880dc

Files

01af672296021fecf55034554dacd2efb9efab9b3f2c1fdf393e9ef5645880dc
.dll windows:4 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

sws_allocVec
sws_alloc_context
sws_alloc_set_opts
sws_convertPalette8ToPacked24
sws_convertPalette8ToPacked32
sws_frame_end
sws_frame_start
sws_freeContext
sws_freeFilter
sws_freeVec
sws_getCachedContext
sws_getCoefficients
sws_getColorspaceDetails
sws_getContext
sws_getDefaultFilter
sws_getGaussianVec
sws_get_class
sws_init_context
sws_isSupportedEndiannessConversion
sws_isSupportedInput
sws_isSupportedOutput
sws_normalizeVec
sws_receive_slice
sws_receive_slice_alignment
sws_scale
sws_scaleVec
sws_scale_frame
sws_send_slice
sws_setColorspaceDetails
swscale_configuration
swscale_license
swscale_version

Sections

UPX0
Size: - Virtual size: 560KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 147KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE