442721e3eb910166e390f391ae22c95e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

442721e3eb910166e390f391ae22c95e
Size

49KB
MD5

442721e3eb910166e390f391ae22c95e
SHA1

226e5e812b8ff15fc883021aba461586534b12b6
SHA256

9b621e22cee8363a41992ecb3205884455a5a1610898407bc3b7aace3deb4539
SHA512

a34f8a6854ad5c55df4e5c643abd084d164e6b16ce370453e513cfc1e68be5ac7106340d2ec91318c5bdf7431338b01f8a2f20b796e662c0fd66ab7e8f71abf4
SSDEEP

768:M17flTAvR85TFDKoFEiXblcx2i0NCH8Z:czl3TDjFEAcxDWCc

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
442721e3eb910166e390f391ae22c95e

Files

442721e3eb910166e390f391ae22c95e
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

UPX0
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE