a38ea87f0aa29a96a04457dcf2e0715af7e78a60d6aa79b2ad0b6ebbb5b04f83

Sharing

Copy URL Twitter E-mail

General

Target

a38ea87f0aa29a96a04457dcf2e0715af7e78a60d6aa79b2ad0b6ebbb5b04f83
Size

2.3MB
MD5

652d174aad767e605c793f27935bd4bc
SHA1

ee04cd69efa7f5fcdeebc7f224b372bbbcab1d8a
SHA256

a38ea87f0aa29a96a04457dcf2e0715af7e78a60d6aa79b2ad0b6ebbb5b04f83
SHA512

99c9db5104fc6c9d0ee5ae0e8be90beb08630c9c86bacbb72d2c5db51a33a6acf42047283803ce8900c844a65eaf53dbb921e52f1c1ce71ef474705688acefe6
SSDEEP

49152:DoUtlPFqbCV6d5Ak+Dz72dcWOGEhqMGXtUTLMKbJCFh8X:ZtK+Yda72KWqCeTYKbEwX

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/xlpg6ydzs/AppleHelper.exe	upx

Files

a38ea87f0aa29a96a04457dcf2e0715af7e78a60d6aa79b2ad0b6ebbb5b04f83
.zip
xlpg6ydzs/AppleHelper.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
xlpg6ydzs/下载说明.txt
xlpg6ydzs/科威软件园.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 132KB

UPX1 Size: 49KB - Virtual size: 52KB

.rsrc Size: 36KB - Virtual size: 36KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 4KB - Virtual size: 16KB

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 17KB - Virtual size: 16KB

UPX0
Size: - Virtual size: 132KB

UPX1
Size: 49KB - Virtual size: 52KB

.rsrc
Size: 36KB - Virtual size: 36KB

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 4KB - Virtual size: 16KB

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 17KB - Virtual size: 16KB