0e205aa5e4926b3fe10042db5db5f6f3[.]bin | Triage

Sharing

General

Target

0e205aa5e4926b3fe10042db5db5f6f3.bin
Size

4.3MB
MD5

11639927fda2e1aa22a6698df3671394
SHA1

b8fb0e2b398ec5fe8a5c17eb6988eef500e6cc68
SHA256

3cbd25be5585e8f3e7956c72abd95eeaafe1cd46b8c7ccd674f0a90e3e3280a5
SHA512

b8568df4dd5eb84e03f3f13a85faac8ff8abac52d1f12fa929dd353fb4794945a7b3154fe2d374fc341eba77de9a009a5bdb666d1519b6a6d05f5b8f38bfd9e6
SSDEEP

98304:sa4RTLGigaZW8yn+k6fuUdHTT8F62dStjr/vqiJA54Tnt8V6x:stFL1JnkSdHTAPYFPA5et8V6x

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/f187219737bc5ab2a2bdcba67f7a254a230d3880d4636ce52302f0645d746911.exe	upx

Files

0e205aa5e4926b3fe10042db5db5f6f3.bin
.zip

Password: infected
f187219737bc5ab2a2bdcba67f7a254a230d3880d4636ce52302f0645d746911.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 10.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE