060302eb86d96eda59e36eb86e0f2350[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

060302eb86d96eda59e36eb86e0f2350.bin
Size

4.3MB
MD5

9bf655e826fbd3b0eeb727b509d1d474
SHA1

452d00a4cc8206e6ec128659e1f14ecdd5fd7ad8
SHA256

db3dc786b1659225196070f03e7020dae7613b53f350c7d8ffda6b38ce365ff1
SHA512

3f64f45bc0dcd1c3bc72634e62b0f1ba5c7de0093d13b5c443e0b91b7f1560019a5d6b14acaef885b216c672af57c6a38066869e1cc71df7d37179f1f812d2b2
SSDEEP

98304:WHJzN09f9fKuJeViCwAyliKmqiwtCA84z3zF1kVq01NIyBYk:W5NopxzAoimiApX3AVq07BJ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/c18415546f1a158b94e80c25aee66e2094f658a0c7e2301600951496d56bc7a1.exe	upx

Files

060302eb86d96eda59e36eb86e0f2350.bin
.zip

Password: infected
c18415546f1a158b94e80c25aee66e2094f658a0c7e2301600951496d56bc7a1.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 10.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE