9493760e5d2d69b7465a90fd7d658ec2b765fd133aed555858eed34e76058f42 | Triage

Sharing

General

Target

9493760e5d2d69b7465a90fd7d658ec2b765fd133aed555858eed34e76058f42
Size

32KB
MD5

e82aad566a9f9e7e5cee7b12a090ae33
SHA1

94e1f610ccbf80d77c5266766ac8e872e2189719
SHA256

9493760e5d2d69b7465a90fd7d658ec2b765fd133aed555858eed34e76058f42
SHA512

86a1544800401a8a0afbc650a0c6aff6acaa819c4a639ee5740194a05acee2500a3a3f9fe9fcd0ee827d4c28841bf8c900d03514ab5d9b285981c002c3dde885
SSDEEP

768:bYImAVKZgwprfRJSIoC3/uAZRtKVbCjEaspJhR:bYdAVKV15qC3/TZRoNHb

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9493760e5d2d69b7465a90fd7d658ec2b765fd133aed555858eed34e76058f42

Files

9493760e5d2d69b7465a90fd7d658ec2b765fd133aed555858eed34e76058f42
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

PyInit__unpacker

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE