bbabecb60a7d91dc4b01da5359280b92[.]bin | Triage

Sharing

General

Target

bbabecb60a7d91dc4b01da5359280b92.bin
Size

4.3MB
MD5

9ca80a14eab762b72f769c1ab33db7f7
SHA1

865c7adbc8c745406be951e802735fbd523a0e05
SHA256

85ba82122045425a7ec3287eb5259af0e984428bf1d03f56f98507f5f2dab127
SHA512

fedb7e5dd97452de8af05b1ce6886e1b64502ef981d369c76f94df567e3e4b6728295a82c06c10c5b0b25a495584cae110b800458d56e3eac4f2afabb286e189
SSDEEP

98304:xya4n5RjrSU711sZabnKnFomOi5r8QC9eE5bPe5k9nLVB:xyas5951OEKTB52l+kdVB

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/b02a4cdd494c1e0963f824ecaf7d676f3c1572be89ddd7e89c79b5f16bdebd94.exe	upx

Files

bbabecb60a7d91dc4b01da5359280b92.bin
.zip

Password: infected
b02a4cdd494c1e0963f824ecaf7d676f3c1572be89ddd7e89c79b5f16bdebd94.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 10.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE