bdc2dab356f02637267fa62f37f50388cb1332bd9f9a0a3baef2b568db7b3d66 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bdc2dab356f02637267fa62f37f50388cb1332bd9f9a0a3baef2b568db7b3d66
Size

54KB
MD5

67267656347566f90fe1e890f093cf39
SHA1

9b2d04855b0e009c496cc3eb570eebe623f2afb3
SHA256

bdc2dab356f02637267fa62f37f50388cb1332bd9f9a0a3baef2b568db7b3d66
SHA512

043a40d15efd5331b2267446ea11f025dbf84a832145f071242e75a7720f2113f4ab44b759edd815fb4819fa788e096780cf57cf9b1f0a1fe554f9d158f4ffdf
SSDEEP

1536:InQOUT+qC5CKWLF6gqXGw9u2V1RtF3arX8:I6TF+DWWF1Rer

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdc2dab356f02637267fa62f37f50388cb1332bd9f9a0a3baef2b568db7b3d66

Files

bdc2dab356f02637267fa62f37f50388cb1332bd9f9a0a3baef2b568db7b3d66
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

PyInit_iup

Sections

UPX0
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE