8f81580c5dec332414d4cee9f40edd6b26e64458f34ee3410360dcf6bcf42bcb[.]dll | Triage

Sharing

General

Target

8f81580c5dec332414d4cee9f40edd6b26e64458f34ee3410360dcf6bcf42bcb.dll
Size

206KB
MD5

c5736b37501b61f7c64e7ef6286f6289
SHA1

1a0a94d72d06e52933909dcfcc990501c0fa7215
SHA256

8f81580c5dec332414d4cee9f40edd6b26e64458f34ee3410360dcf6bcf42bcb
SHA512

d56f49d12071b502b7141832bfec5fc9a4e5b31ccc8be79b0df8f053006667bb2fa85f77ecf2bf64b213e4ff56c6ce05c3780e4883a6a3ae39c95551431f6523
SSDEEP

3072:rWM5Dd5F4fXT9lePIdmpcS/sTftc8zNuhJi4zGUGrXcOC:rf+ePIdsDETftc8BuhJi4zGUGrg

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f81580c5dec332414d4cee9f40edd6b26e64458f34ee3410360dcf6bcf42bcb.dll

Files

8f81580c5dec332414d4cee9f40edd6b26e64458f34ee3410360dcf6bcf42bcb.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

Group

Sections

UPX0
Size: 100KB - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 90KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fdss
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE