Trojan-Ransom[.]Win32[.]Losya[.]r-d478797d0086d5c57f6e9c6c5cd75b30ef85750882b0d77f8811bb17a3cf6a04 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Trojan-Ransom.Win32.Losya.r-d478797d0086d5c57f6e9c6c5cd75b30ef85750882b0d77f8811bb17a3cf6a04
Size

316KB
MD5

0ee649ba71ddfcf89f2a1d55104912b8
SHA1

f478c97827ddcb3eb404b19fb71d1c6633c1ed2f
SHA256

d478797d0086d5c57f6e9c6c5cd75b30ef85750882b0d77f8811bb17a3cf6a04
SHA512

87f1919d2e2b97b09c16e07d067ffa9301cfecbb0b5393534586ddccdb4ba7d835d18aab422c3c4c1c5cd63754d1463418e114b84926ee5b8489af3d0d9aea8e
SSDEEP

6144:alo6HDJHwJNjNAHRoaujjiHg4LX2tBr8e/KMnPPbYejFb84aww4D:n6HUjKxoaujjiHtGXr8sTHbZpY

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

Trojan-Ransom.Win32.Losya.r-d478797d0086d5c57f6e9c6c5cd75b30ef85750882b0d77f8811bb17a3cf6a04
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 164KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 277KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 371KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ