dc08c8c3871cbf02ad871f2ba3f9ca6e[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc08c8c3871cbf02ad871f2ba3f9ca6e.bin
Size

2.4MB
MD5

c8e7245d9457a1dde6e4b0debd548cdb
SHA1

e37b1f2233ce30b0872b65a76dc2f7a68db6e0d3
SHA256

005463700775b5beb6d82ead782cb17f1737c244f29a85e7bf68ee9d056c4ea2
SHA512

7b3b6a9ee29a36035faff6ba91484791acc692025fed476317adffccb7f3d7951eb7c459106686848e57c1c9e6a5ed94a8faced0453a70a49babdadfedec0f37
SSDEEP

49152:TzvKVP25kiShvTuOeM6NUZP6Rz6jhoO9wNSnYtOz2e/CdjO85Tu2qpz44g0M5s:nKQjSh9eb4P6RzIjCInP2iCVqpLg1s

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/ecbd37fd6df7c95f4cfa1251a040d7df7bde603dc09ac4a9ebdbce3850caa20f.exe	upx

Files

dc08c8c3871cbf02ad871f2ba3f9ca6e.bin
.zip

Password: infected
ecbd37fd6df7c95f4cfa1251a040d7df7bde603dc09ac4a9ebdbce3850caa20f.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 5.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE