aa28d3084f6aa5e9c19875e7cd9017452b684d303a15c860cb88c302c73bb6f5

Sharing

Copy URL

Twitter E-mail

General

Target

aa28d3084f6aa5e9c19875e7cd9017452b684d303a15c860cb88c302c73bb6f5
Size

4.9MB
MD5

4a701f0818fd826dccc9f092ad19f70c
SHA1

008960c8022d47034d1f5671d957ee5a7d404e55
SHA256

aa28d3084f6aa5e9c19875e7cd9017452b684d303a15c860cb88c302c73bb6f5
SHA512

ef5891efcd3eb771bd5e42767767bd92920e3583555d184251038a2929a993e7294ee2c9d54849f6a4c9dd5155be067f4a963815bb6a2c05b8351f91fe9c51d0
SSDEEP

98304:qhu4nxpAWt1/v0t/jyZRB1KbhenpgwaWAzUoA/AWc4m5wEODMggaI:apAM/cxW7ghenmWWUDAW93Zs

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Բ.exe	upx

Files

aa28d3084f6aa5e9c19875e7cd9017452b684d303a15c860cb88c302c73bb6f5
.zip
QֶԲθȫܰ.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

CODE
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 535KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Բθ֧ֱӸַ.url
.url
Բθ̳ַ.url
.url
Բθ.url
.url
Բθصַ.url
.url
Բθ.url
.url
Բ.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 455KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
下载说明.txt
华彩联盟论坛.url
.url
华彩软件站-使用必读.url
.url
Ϣ/30.Dat
Ϣ/40.Dat
Ϣ/50.Dat
Ϣ/60.Dat
Ϣ/70.Dat
Ϣ/80.Dat
Ϣ/.Dat
XPϵͳû˵.txt
ѹ˵.txt
ֹͣ뿴.jpg
.jpg
ֹͣ뿴.txt
뷬QQԻ.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 8KB - Virtual size: 8KB

.text Size: 2.9MB - Virtual size: 2.9MB

.rdata Size: 4.2MB - Virtual size: 4.2MB

.data Size: 132KB - Virtual size: 535KB

.rsrc Size: 32KB - Virtual size: 29KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.4MB

UPX1 Size: 455KB - Virtual size: 456KB

.rsrc Size: 8KB - Virtual size: 12KB

CODE
Size: 8KB - Virtual size: 8KB

.text
Size: 2.9MB - Virtual size: 2.9MB

.rdata
Size: 4.2MB - Virtual size: 4.2MB

.data
Size: 132KB - Virtual size: 535KB

.rsrc
Size: 32KB - Virtual size: 29KB

UPX0
Size: - Virtual size: 1.4MB

UPX1
Size: 455KB - Virtual size: 456KB

.rsrc
Size: 8KB - Virtual size: 12KB