db776b7b15fdc11cbab84fff5e6a4d8a012d32d903fa31db7808118ec1e54c22[.]zip

General

Target

db776b7b15fdc11cbab84fff5e6a4d8a012d32d903fa31db7808118ec1e54c22.zip
Size

14.3MB
MD5

71620c823d50c3310ba09c09c41b30fb
SHA1

55b977a530f863488b7718dd8fafdae0f0e234b7
SHA256

208264a66e609e9fd194054925662c21f9dc3205b0c027313265f6a118ca57da
SHA512

5441c420243a95e7485f404124dd7d2913e5e7c960bc11f2681748f7644b6b82d14af3eaf0a08129d7f916298a98ab728a10ed581cb51c07fd445ba86d966a4c
SSDEEP

393216:CgnBqVeOcTmgz5/0EVUh9oLum8Kfo9IW4vunu:HsUOcagz5sMUhG8KQ9Kvunu

Score

7^/10

upx pyinstaller

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/db776b7b15fdc11cbab84fff5e6a4d8a012d32d903fa31db7808118ec1e54c22.exe	upx

Detects Pyinstaller 1 IoCs

pyinstaller

resource	yara_rule
static1/unpack001/db776b7b15fdc11cbab84fff5e6a4d8a012d32d903fa31db7808118ec1e54c22.exe	pyinstaller

Files

db776b7b15fdc11cbab84fff5e6a4d8a012d32d903fa31db7808118ec1e54c22.zip
.zip

Password: infected
db776b7b15fdc11cbab84fff5e6a4d8a012d32d903fa31db7808118ec1e54c22.exe
.exe windows x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 228KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 103KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 228KB

UPX1 Size: 103KB - Virtual size: 104KB

.rsrc Size: 60KB - Virtual size: 64KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 62KB - Virtual size: 62KB

.data Size: 3KB - Virtual size: 44KB

.pdata Size: 7KB - Virtual size: 7KB

.gfids Size: 512B - Virtual size: 172B

.rsrc Size: 60KB - Virtual size: 60KB

.reloc Size: 2KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 228KB

UPX1
Size: 103KB - Virtual size: 104KB

.rsrc
Size: 60KB - Virtual size: 64KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 62KB - Virtual size: 62KB

.data
Size: 3KB - Virtual size: 44KB

.pdata
Size: 7KB - Virtual size: 7KB

.gfids
Size: 512B - Virtual size: 172B

.rsrc
Size: 60KB - Virtual size: 60KB

.reloc
Size: 2KB - Virtual size: 1KB