4a1880f79fdf9dfe7e61d017e578b960[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a1880f79fdf9dfe7e61d017e578b960.bin
Size

4.3MB
MD5

50ca89c62254a1e4866d7ddb55756efe
SHA1

52c874b87be234f326b98ecacfe33a4ff44555da
SHA256

4566e26ed685ce941d9c0f9e7c6aadf1860a85e3d4f512e0d9dea10d6688a5dd
SHA512

43af5081177712a0f7fa5125f9d953c62e6b93a046b7ba3a70b57ff76091e9930f6064a483063982cd0dc0608521aa88b41b94215485d3386027ff92d26ece5e
SSDEEP

98304:BtboK7CCM3WDZYljROAWtfhK0Kdcqc2f9FrGx:bo2Cx3tljROKHfw

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/fdd8988593ff1587af54f5a084ceee03a70c0e1670684892f8aff307aaa81714.exe	upx

Files

4a1880f79fdf9dfe7e61d017e578b960.bin
.zip

Password: infected
fdd8988593ff1587af54f5a084ceee03a70c0e1670684892f8aff307aaa81714.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 10.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE