81f499f359bbfe167307d65fc11414a8f6f9d441acc5be738c88d1fac94eb112 | Triage

Sharing

General

Target

81f499f359bbfe167307d65fc11414a8f6f9d441acc5be738c88d1fac94eb112
Size

204KB
MD5

b1d5f217bd9384416122fd64708cc409
SHA1

3379606f560823732a2ffecfef613cbc2e6f2537
SHA256

81f499f359bbfe167307d65fc11414a8f6f9d441acc5be738c88d1fac94eb112
SHA512

424b4f0f9ef7f81d3b69202fe686ec996b15a5dab9f14694c76cbe61f637cc15e3fe82a96a81b4379449053b4020e18b821731549f292b2113dc0c47478e69c1
SSDEEP

6144:51+46HYpytOwaIxmYVQkXUo2zeBm9c30J8XBah68:A4psOwaIMYVzU7ccI00oh68

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/QQ/QQ.exe	upx

Files

81f499f359bbfe167307d65fc11414a8f6f9d441acc5be738c88d1fac94eb112
.zip
QQ/##ע##.txt
QQ/77169.orgʹð˵.txt
QQ/77169.org˵.htm
.html
QQ/QQ.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 288KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 157KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
QQ/ʹ˵.txt
QQ/ ##ע##.txt
QQ/ĺڿͬ˽ѧѵ.url
.url
QQ/ĺڿͬ.url
.url
QQ/¿ƼIDC˾.url
.url
QQ/¿Ƽȫά.url
.url