8d3dec774d886f53d64084e0a51020f0bd3a4cdcefa979f132685c2648a1d7e2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d3dec774d886f53d64084e0a51020f0bd3a4cdcefa979f132685c2648a1d7e2
Size

55KB
MD5

9a86a6bfc25acec50d25fae507b57ea5
SHA1

a16de15adeb129836c10f3a68b028f840ab384d3
SHA256

8d3dec774d886f53d64084e0a51020f0bd3a4cdcefa979f132685c2648a1d7e2
SHA512

2205b9ff0b148aff4e62c10289ee81ebd4720e8785b6345df92570a98e1f58e9dcf2cb3b9ae0474f8752d691e53917db5fef55b6f692c7980f06ae1e722101cd
SSDEEP

1536:ZMtY/mTHhBoQo7D9Q5PpWhpbjUzstTPqWOM:qtq+oQotMMhAsNf

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/spirit/SPIRIT.exe	upx

Files

8d3dec774d886f53d64084e0a51020f0bd3a4cdcefa979f132685c2648a1d7e2
.rar
spirit/SPIRIT.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 284KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
spirit/images/pigpig/000.png
.png
spirit/images/pigpig/001.png
.png
spirit/images/pigpig/002.png
.png
spirit/images/tanwushuo/000.png
.png
spirit/images/tanwushuo/001.png
.png
spirit/images/tanwushuo/002.png
.png
spirit/images/tanwushuo/003.png
.png
spirit/images/tanwushuo/004.png
.png
spirit/images/素材添加方式.txt
spirit/setting.ini