64f1a2f9b95a39c04b60062a24a7bc6de038f706cd679df7b1346c34c055e0b1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64f1a2f9b95a39c04b60062a24a7bc6de038f706cd679df7b1346c34c055e0b1
Size

945KB
MD5

3322a0d03e7e901c4a51f83af5878d25
SHA1

b3a5d8e041265e8d46d82bd6114a5a9646680464
SHA256

64f1a2f9b95a39c04b60062a24a7bc6de038f706cd679df7b1346c34c055e0b1
SHA512

7937db609234e3914c2a5c4b35be1540d83a58d627f9706dbbb13baf479ec9e0cf26fd319a1d5cdad1d96e80ba427799c213570941344562ac6a41554a86f6b4
SSDEEP

24576:ztE8wsC5inKOYXDUnBwfYb5QvFEIY2ucmzyw26Ss17sG2EE6:zTLs1wos6cc026SGsG3

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64f1a2f9b95a39c04b60062a24a7bc6de038f706cd679df7b1346c34c055e0b1

Files

64f1a2f9b95a39c04b60062a24a7bc6de038f706cd679df7b1346c34c055e0b1
.dll windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
euefnaiw
gusiezo3
hitit

Sections

UPX0
Size: - Virtual size: 4.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 940KB - Virtual size: 944KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE