1bba1452f00fa09d504bafc41bce9ef51f929f65688fd0d3c82f7759b1312e66

General

Target

1bba1452f00fa09d504bafc41bce9ef51f929f65688fd0d3c82f7759b1312e66
Size

664KB
MD5

25aefbe50baef98d64eeeba77d796a30
SHA1

ce8651a860d9d74505e95a5adaacf011edbd738b
SHA256

1bba1452f00fa09d504bafc41bce9ef51f929f65688fd0d3c82f7759b1312e66
SHA512

01039a362943be939bfc5998ad6b50cf3b047f6656813300096c5fc79cd7ef1b6affbc5ac3cc43c533d289c29c018e76c4d097a79184f6ba79b600b0fc2dcdf7
SSDEEP

12288:IcKz2LCMFB6kk7BmVXCOAoOR+ROmYIh0oPVPJlpNY58dJMZO/iAA0cRFX7crv:I1iLdFUVKCZbEROmakFDH18RFXQ7

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/金边西港高速今日开始收费.exe	upx

Files

1bba1452f00fa09d504bafc41bce9ef51f929f65688fd0d3c82f7759b1312e66
.rar
金边西港高速今日开始收费.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 2.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 659KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.textbss
Size: - Virtual size: 908KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 307KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 291KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 1024B - Virtual size: 793B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.9MB

UPX1 Size: 659KB - Virtual size: 660KB

.rsrc Size: 64KB - Virtual size: 64KB

Headers

DLL Characteristics

File Characteristics

Sections

.textbss Size: - Virtual size: 908KB

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 307KB - Virtual size: 307KB

.data Size: 291KB - Virtual size: 310KB

.idata Size: 23KB - Virtual size: 22KB

.didat Size: 1024B - Virtual size: 793B

.rsrc Size: 78KB - Virtual size: 78KB

UPX0
Size: - Virtual size: 2.9MB

UPX1
Size: 659KB - Virtual size: 660KB

.rsrc
Size: 64KB - Virtual size: 64KB

.textbss
Size: - Virtual size: 908KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 307KB - Virtual size: 307KB

.data
Size: 291KB - Virtual size: 310KB

.idata
Size: 23KB - Virtual size: 22KB

.didat
Size: 1024B - Virtual size: 793B

.rsrc
Size: 78KB - Virtual size: 78KB