202303060202152[.]bin[.]zip | Triage

Resubmissions

07-03-2023 19:39

230307-ydewyaba31 8

07-03-2023 19:36

230307-ya8pvabe76 7

Sharing

General

Target

202303060202152.bin.zip
Size

2.6MB
MD5

e5d38db516ddd0f65c4655b046f83aba
SHA1

024635190b6b9392bef6e072af97a27a4f3629f2
SHA256

5b1f019244466c05b00977f6775ebca64dc0698cb0c81a1722a8b478e6f7cbbd
SHA512

66a1e496811b0b5ca1cf5ac35aab9b2fb00030ac595d1d152c2a61c2c859889718f43d40ff1ad3c2cbcd0dcf93e2afabceade3d232f0ad7d45bac05d2e60683c
SSDEEP

49152:AGYsMQ51jhlRpp+3OE5JUsyieQm23vK3PxLcWLYxTPkFHUx7zSZPPpTUPTLr:951dlRpo+Ebr3eQLcPxHLYpP4iEPter

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/202303060202152.bin	upx

Files

202303060202152.bin.zip
.zip

Password: infected
202303060202152.bin
.exe windows x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 8.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 601KB - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma1
Size: 216KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE