621af32f5582b297797aeb3c10916b1d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

621af32f5582b297797aeb3c10916b1d
Size

228KB
MD5

621af32f5582b297797aeb3c10916b1d
SHA1

bc29545d1e44444decb5124f24b6147e5b6de321
SHA256

cb85e487aaa803faad75a2a7fdc52ebb9ddcabaf6f314fb50f724126d163058a
SHA512

4c7241027d8eeeecc88fd3722d7256dac2d79919e24d0e215d8e7cb1a3068f38a8122283a9aadaa9fefc03f145dd9c4755e8035f31fa21269a4b6a86e178c170
SSDEEP

3072:sR2CK9iHhKOgv/U0z1nJdaRz1lfpB/T2p20eZqQp+dn2LHsMrI:s0CHBQBz1JQ9T2A0a8WrI

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
621af32f5582b297797aeb3c10916b1d

Files

621af32f5582b297797aeb3c10916b1d
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
InitEntry0

Sections

UPX0
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE