6071cf2edfe521f9a11a835f4851de5e12a6f79d16925ab5b440265c0177a30c

Sharing

Copy URL Twitter E-mail

General

Target

6071cf2edfe521f9a11a835f4851de5e12a6f79d16925ab5b440265c0177a30c
Size

1.4MB
MD5

75205be11248cc5f9631fa310bb261fb
SHA1

c5a431d26a696dd5fad8a53e7bad68415ff86142
SHA256

6071cf2edfe521f9a11a835f4851de5e12a6f79d16925ab5b440265c0177a30c
SHA512

d35e522a49e1266e69acd9d7c096df7d258727dff97453f3d3512181b859ff797e3223a520d6497781cf5aabe469414a1d2750899a236df7e9ee7692d2d54a9d
SSDEEP

24576:EBZbqx/vt75aboeW7iB8Iie1b1Ouc5177JN60Dovt9nf+cm3+HKDuZD30Q:Bvt75abP+Irb13QPwB9nG18

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/XmHelper.exe	upx

Files

6071cf2edfe521f9a11a835f4851de5e12a6f79d16925ab5b440265c0177a30c
.rar
XmHelper.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
去脚本之家看看.url
.url
服务器软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 128KB

UPX1 Size: 49KB - Virtual size: 52KB

.rsrc Size: 34KB - Virtual size: 36KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 4KB - Virtual size: 16KB

.rsrc Size: 34KB - Virtual size: 33KB

.reloc Size: 17KB - Virtual size: 16KB

UPX0
Size: - Virtual size: 128KB

UPX1
Size: 49KB - Virtual size: 52KB

.rsrc
Size: 34KB - Virtual size: 36KB

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 4KB - Virtual size: 16KB

.rsrc
Size: 34KB - Virtual size: 33KB

.reloc
Size: 17KB - Virtual size: 16KB