MDE_File_Sample_a393b5123967022d511417d8432edc6de54fb0c6[.]zip

General

Target

MDE_File_Sample_a393b5123967022d511417d8432edc6de54fb0c6.zip
Size

2.7MB
MD5

3f096acedbe27d5b92c4f91648b77eee
SHA1

3e97931892d8ef47de88027aa0fd6d8c68966544
SHA256

cecf21ccbac017e4e998c57b78fb7cc7fa6c796b56e7a55ef5d8e8c578a8e914
SHA512

e604b2f33ea373e478ebe5db321a87836022e65d4203ca19765552910fe82aae666da0637ee448202c24e06ac98597359d2cf83a8904cc81fb3f64d4336e3468
SSDEEP

49152:qHL/Jq2TySNo3F8jhxybKPwRxIDoWG3/b9NsCXyNYX8lWuHP5066GCY4RC9AV+QO:yL/dTI8jhxymPWxIiZOCCN5xP5RNCxs7

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/USBDisplayLauncher.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/USBDisplayLauncher.exe
unpack002/out.upx

Files

MDE_File_Sample_a393b5123967022d511417d8432edc6de54fb0c6.zip
.zip

Password: infected
USBDisplayLauncher.exe
.exe windows x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6.1MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 3.5MB

UPX1 Size: 2.7MB - Virtual size: 2.7MB

.rsrc Size: 46KB - Virtual size: 48KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 6.1MB - Virtual size: 6.1MB

.reloc Size: 5KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 3.5MB

UPX1
Size: 2.7MB - Virtual size: 2.7MB

.rsrc
Size: 46KB - Virtual size: 48KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 6.1MB - Virtual size: 6.1MB

.reloc
Size: 5KB - Virtual size: 4KB