2973dc8f213728f1c43d7a3f12b4ab79db28985976ff5f9322e114ac76a2f42d | Triage

Sharing

General

Target

2973dc8f213728f1c43d7a3f12b4ab79db28985976ff5f9322e114ac76a2f42d
Size

42KB
MD5

fab30b07dbcb0156a1f866f3e9c49a2f
SHA1

95e8b001aae06e8bc0e1f3a0c4c81e3aef1c790d
SHA256

2973dc8f213728f1c43d7a3f12b4ab79db28985976ff5f9322e114ac76a2f42d
SHA512

10aa5348076017df5bd1788fa247f631ef04deeb799092a84f13f5f4ff69f8bed73dd79178e5a46a6ba5d9444233dd5b62bffaba931ce6563383c3519c3f5f1c
SSDEEP

768:346m6t3UVZfVPu5I2vWJUeGBgt3VcikN8LrkqTvpXPecQMs4:IQcZ9G57OJPlfkN8LrphfBQMs4

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/xjtbxgq/文件图标修改器.exe	upx

Files

2973dc8f213728f1c43d7a3f12b4ab79db28985976ff5f9322e114ac76a2f42d
.rar
xjtbxgq/demo.gif
xjtbxgq/不会中毒的超强浏览器！.url
.url
xjtbxgq/文件图标修改器.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
xjtbxgq/访问我们的网站！.url
.url