16499be3b282a354b9560cff6f9c1cd07629527c1fff767f2e3feac828ffa0f7

Sharing

Copy URL

Twitter E-mail

General

Target

16499be3b282a354b9560cff6f9c1cd07629527c1fff767f2e3feac828ffa0f7
Size

1.7MB
MD5

b580a969762bb09863892e22405885b3
SHA1

25bf0ec28d61cc3dc5519b66f2d8ae3bab8a4fd3
SHA256

16499be3b282a354b9560cff6f9c1cd07629527c1fff767f2e3feac828ffa0f7
SHA512

66dd41fe7ebd6e33e557e4f290f50c165ab8c866fa76516153bbcf3812e5d6258363174a807c3e0fbdd02e6eb5b4a57c36628cc22f1d654a3f0c45b98793fd99
SSDEEP

24576:9h80XviQO+G4vMMgPkC5t/x8UGVZREzLvbPupxMil5I4573QiA9v8EBHCs0Bs185:T8kvHFrgPkK/2HkLvbu4q3Zko9s1qx

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/天音淘宝店铺宝贝批量复制大师 v2.82.8/DownloadBabySrv.exe	upx
static1/unpack001/天音淘宝店铺宝贝批量复制大师 v2.82.8/DownloadBabySrvSrv.exe	upx
static1/unpack001/天音淘宝店铺宝贝批量复制大师 v2.82.8/v2.82.7.exe	upx

Files

16499be3b282a354b9560cff6f9c1cd07629527c1fff767f2e3feac828ffa0f7
.rar
天音淘宝店铺宝贝批量复制大师 v2.82.8/DownloadBaby.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 17B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 471KB - Virtual size: 474KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
天音淘宝店铺宝贝批量复制大师 v2.82.8/DownloadBabySrv.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
天音淘宝店铺宝贝批量复制大师 v2.82.8/DownloadBabySrvSrv.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
天音淘宝店铺宝贝批量复制大师 v2.82.8/JZ5U绿色下载站.url
.url
天音淘宝店铺宝贝批量复制大师 v2.82.8/v2.82.7.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 948KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 377KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
天音淘宝店铺宝贝批量复制大师 v2.82.8/使用必读.url
.url
天音淘宝店铺宝贝批量复制大师 v2.82.8/使用说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 2.3MB - Virtual size: 2.3MB

DATA Size: 45KB - Virtual size: 44KB

BSS Size: - Virtual size: 8KB

.idata Size: 13KB - Virtual size: 12KB

.tls Size: - Virtual size: 17B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 148KB - Virtual size: 147KB

.rsrc Size: 471KB - Virtual size: 474KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 120KB

UPX1 Size: 52KB - Virtual size: 56KB

.rsrc Size: 1KB - Virtual size: 4KB

.rmnet Size: 77KB - Virtual size: 80KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 120KB

UPX1 Size: 52KB - Virtual size: 56KB

.rsrc Size: 21KB - Virtual size: 24KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 948KB

UPX1 Size: 377KB - Virtual size: 380KB

.rsrc Size: 33KB - Virtual size: 36KB

CODE
Size: 2.3MB - Virtual size: 2.3MB

DATA
Size: 45KB - Virtual size: 44KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 13KB - Virtual size: 12KB

.tls
Size: - Virtual size: 17B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 148KB - Virtual size: 147KB

.rsrc
Size: 471KB - Virtual size: 474KB

UPX0
Size: - Virtual size: 120KB

UPX1
Size: 52KB - Virtual size: 56KB

.rsrc
Size: 1KB - Virtual size: 4KB

.rmnet
Size: 77KB - Virtual size: 80KB

UPX0
Size: - Virtual size: 120KB

UPX1
Size: 52KB - Virtual size: 56KB

.rsrc
Size: 21KB - Virtual size: 24KB

UPX0
Size: - Virtual size: 948KB

UPX1
Size: 377KB - Virtual size: 380KB

.rsrc
Size: 33KB - Virtual size: 36KB