6a01ca16ce72ca05b3e91a7a0eab77ff648b063de6d2d438a1108c44f3ca5820 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a01ca16ce72ca05b3e91a7a0eab77ff648b063de6d2d438a1108c44f3ca5820
Size

947KB
MD5

7f0e77d256b905e0ef9a8d2b59a2d646
SHA1

8d3c4567a88c5cfab56bc542a7dd9a3aa45dd67b
SHA256

6a01ca16ce72ca05b3e91a7a0eab77ff648b063de6d2d438a1108c44f3ca5820
SHA512

f43a40b120dfb143b99b0c2ed4bb136f23f5116dac3f91788ed7443d18e06b16a9235dae407d699b2c4b56e6e8047e62bd800a4c75516dfe695dc0902cc417da
SSDEEP

12288:8Z7RHlOs3KB1auLeU28PPGmGHXp5LpxMP90kJ3urb/YsTfipm+PsVNVG3AQBnXlk:WHwW2eU1PPGmIXzpoejlfrWjWQK

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/Domain3.5/Domain3.5.exe	upx

Files

6a01ca16ce72ca05b3e91a7a0eab77ff648b063de6d2d438a1108c44f3ca5820
.rar
Domain3.5/Domain3.5.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 752KB - Virtual size: 756KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rol
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Domain3.5/SetData.mdb