3d30c941e3e4236dd27a7a15e82ddec4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d30c941e3e4236dd27a7a15e82ddec4
Size

63KB
MD5

3d30c941e3e4236dd27a7a15e82ddec4
SHA1

cf21bb4a9fdc7584c3610016ae2cdd62699c5b8f
SHA256

6f99977d51d172ab2341e45e9e8bca833c12f1a480ad6b030c365a04ac2c5c33
SHA512

65ee36bf2458321909226574bddcbb5ed5d9faa617a00901adb6e114310b2874607e7b1f27586448b6f49d7c69e6dbf7c44b0c3196e3eba7b436fab9bd67a9cf
SSDEEP

768:nHpI5EBmwLXHN6RRHHdB+BmHY97o014/89GH4X6Mgd90YQFO6ZXsSKhAUlxSoLP:nJIMlt6RRdOm214/hVh4KhHnZ7

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d30c941e3e4236dd27a7a15e82ddec4

Files

3d30c941e3e4236dd27a7a15e82ddec4
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
inject

Sections

UPX0
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.new
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE