1ee37357a52a50517c97ee20a6074d9eb245a4e36d631889665b9a0c2e491d16 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ee37357a52a50517c97ee20a6074d9eb245a4e36d631889665b9a0c2e491d16
Size

261KB
MD5

66af18d8030376917c05eec1db29bcb5
SHA1

b593ba8cd95a8418623df13ec82673023777975a
SHA256

1ee37357a52a50517c97ee20a6074d9eb245a4e36d631889665b9a0c2e491d16
SHA512

e1c40339623239f02c12b8f35e969c13aad5ffac457a89c77dcfeba494787c81aaa555fa0620f8a04d13a947c706bc4b2b5d9dbaeb073c25f4a3b5983784900d
SSDEEP

6144:0UBEz3Tjoo39cxEUjtenXbxHFpHxp2P0U:0TwSeCUj+1RYc

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ee37357a52a50517c97ee20a6074d9eb245a4e36d631889665b9a0c2e491d16

Files

1ee37357a52a50517c97ee20a6074d9eb245a4e36d631889665b9a0c2e491d16
.dll windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

PyInit_MyArgs

Sections

UPX0
Size: - Virtual size: 796KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 259KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE