9da5ad4c13be99ae8506a7e99a74ab3fa8435d9a94e6696fb912ce73f331856f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9da5ad4c13be99ae8506a7e99a74ab3fa8435d9a94e6696fb912ce73f331856f
Size

9.9MB
MD5

ba3ce4712c2ed03862e015df6a46c1c9
SHA1

3146d2b333016139bd1f32242199c65a1bad804f
SHA256

9da5ad4c13be99ae8506a7e99a74ab3fa8435d9a94e6696fb912ce73f331856f
SHA512

2ee43c41e71fb744b4d82bd69de7ef851546db5929e35334d5d62806aa1b6667179db4f7645410bfce2bf7f397fef0284c6c32916d3e41e66daf62b5f34c226b
SSDEEP

196608:WERLszTfIca2f4gGEfHssKxXKXvpmkNaq6vFUa9+3mV:WQmfJxVL2Kf4kNd6t+3i

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9da5ad4c13be99ae8506a7e99a74ab3fa8435d9a94e6696fb912ce73f331856f

Files

9da5ad4c13be99ae8506a7e99a74ab3fa8435d9a94e6696fb912ce73f331856f
.exe regsvr32 windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

UPX0
Size: - Virtual size: 14.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 9.9MB - Virtual size: 9.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE