37e9932e8b708a43df13232b3b4cd20b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37e9932e8b708a43df13232b3b4cd20b
Size

121KB
MD5

37e9932e8b708a43df13232b3b4cd20b
SHA1

df16052d0afa15a03cb9eb8fd8663985247c84db
SHA256

4e4e9bb698927e3698f85e15db81af694d6875102543864c0505cb6462a1cda1
SHA512

4acc7ee0e273ecadff2d964c0b96f615421f90d7a2a90e6143a775473d4deedda055d33bf22d679c5717d16bd82a49cb79e95579bb5c4e3281f7d66de643b6c3
SSDEEP

3072:8MpDO2uxroFJx2zvwe3KEAnwzDMyfowU4Xe4BBVh:ppDSiJxqv73KEFQAoFqe8Dh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37e9932e8b708a43df13232b3b4cd20b

Files

37e9932e8b708a43df13232b3b4cd20b
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
go
setvm

Sections

UPX0
Size: - Virtual size: 152KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 110KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nF�^
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ