6454b028b946e4bfd6b31e31dc7a7998b48894c5da052cca17aa58eb384a32fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6454b028b946e4bfd6b31e31dc7a7998b48894c5da052cca17aa58eb384a32fa
Size

174KB
MD5

e01f37ad0b83d16ea6db50065e14774f
SHA1

df05c6f861ced0175034cdc8ffe93c9bf019f625
SHA256

6454b028b946e4bfd6b31e31dc7a7998b48894c5da052cca17aa58eb384a32fa
SHA512

674d4a6d4034aa0cc12bc8ed30944d9bd766487ec8e1ac3c004d835e75bec36e02dc0260fb665730736f8637131733852e922cad145b57e5d6d72163e8a5115a
SSDEEP

3072:R1PnB6Ba1+hr1KI+41MU1PKaR//2ogWFNOz5R+K+Wzp6ZNZObC4S+amrf8:R1PnBp1CDUaR/39N+D+K+WzWZgC4S+d7

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6454b028b946e4bfd6b31e31dc7a7998b48894c5da052cca17aa58eb384a32fa

Files

6454b028b946e4bfd6b31e31dc7a7998b48894c5da052cca17aa58eb384a32fa
.dll windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

PyInit__dpropack

Sections

UPX0
Size: - Virtual size: 308KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE