10db7db0fbe76dbb1b9bf3a0b780d45d192d1ffbbca77eae5988e2f1a2c9c5a8 | Triage

Sharing

General

Target

10db7db0fbe76dbb1b9bf3a0b780d45d192d1ffbbca77eae5988e2f1a2c9c5a8
Size

6.3MB
MD5

cfc6f64a78252e5dc36dd00664914d62
SHA1

525dad0f6836fbec13b51e72c6961f3c57a0b34e
SHA256

10db7db0fbe76dbb1b9bf3a0b780d45d192d1ffbbca77eae5988e2f1a2c9c5a8
SHA512

3dfb8f5b3dec2eb63e7caa4759701b601bace75cf89f86fb65d9654e61880ddaeb121ae6bfd0fe10d5d517f0f589e53e1d933be75ca355d39584528ca9c14516
SSDEEP

98304:YjHww1gq5pkdbcfYz/QshCV1p03e4WZLiC15jdX5WW:Q2sshidZzn

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10db7db0fbe76dbb1b9bf3a0b780d45d192d1ffbbca77eae5988e2f1a2c9c5a8

Files

10db7db0fbe76dbb1b9bf3a0b780d45d192d1ffbbca77eae5988e2f1a2c9c5a8
.dll windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

��_ȡ��
�ڴ�DLL�ӿ�

Sections

UPX0
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE