4e4d093fb69220614095332c01fbf18cde797efb36bf473356421b0b0cdfeca7

Sharing

Copy URL Twitter E-mail

General

Target

4e4d093fb69220614095332c01fbf18cde797efb36bf473356421b0b0cdfeca7
Size

6.5MB
MD5

6da9bdfbefeb2feb1308a355b4d0eaac
SHA1

6ff201a08c0b5ff926230d435b5ebc961186dcfb
SHA256

4e4d093fb69220614095332c01fbf18cde797efb36bf473356421b0b0cdfeca7
SHA512

b94ba5fe1986b25be04ae488ad4a635ab6d922a8900c7cb38147beaf2090a130b9ebdde5d0cb51f4f9ddfb8b9f414cb2623db6017b0b79003ece74fc348caca2
SSDEEP

196608:eI96zaS/Q+R59TmE/M2ddVLn66EHUkETL4+:BAGqvhT19dT66EHiTLV

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/聚义重返.exe	upx

Files

4e4d093fb69220614095332c01fbf18cde797efb36bf473356421b0b0cdfeca7
.rar
logdq.bmp
logon.bmp
selchrdaq.bmp
selectchar.bmp
sprite/j2020.atz
sprite/j2021.atz
sprite/j2022.atz
sprite/j2023.atz
sprite/j2470.atz
sprite/j2472.atz
sprite/w2020.atz
sprite/w2022.atz
sprite/w2023.atz
sprite/w2470.atz
sprite/w2472.atz
大众制作.txt
大众制作网络有限公司首页.url
.url
聚义重返.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 452KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 440KB - Virtual size: 437KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 452KB

UPX1 Size: 5.3MB - Virtual size: 5.3MB

.rsrc Size: 8KB - Virtual size: 12KB

Headers

File Characteristics

Sections

.text Size: 440KB - Virtual size: 437KB

.rdata Size: 5.1MB - Virtual size: 5.1MB

.data Size: 60KB - Virtual size: 208KB

.rsrc Size: 24KB - Virtual size: 23KB

UPX0
Size: - Virtual size: 452KB

UPX1
Size: 5.3MB - Virtual size: 5.3MB

.rsrc
Size: 8KB - Virtual size: 12KB

.text
Size: 440KB - Virtual size: 437KB

.rdata
Size: 5.1MB - Virtual size: 5.1MB

.data
Size: 60KB - Virtual size: 208KB

.rsrc
Size: 24KB - Virtual size: 23KB