70882777c75456874f4febfac0212cd4[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70882777c75456874f4febfac0212cd4.bin
Size

27KB
MD5

72f5e4f0abbdd4f0b982a0aee7c5d3f4
SHA1

1928f23ac61ce11eb94cfd8af089e423c451f3b2
SHA256

d03f4aab1e1e60f9601e4a5de6bbc246226f2d1aa5fb614c83ca4346144e21c6
SHA512

1a79166bc746b7be13a37b8241b4d25b0efe8954059ad3a59a042c7f2a51cc482c52bb2dbd1bfd7e9734d9e79df048d7b34137de5c0ffe06415aff31aee63f05
SSDEEP

768:e+zpPIEvDn4R6shS8Fw11y9eM9Jnk9138mdjVuH4:eILzLshSW9B9JUV/n84

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/2584a2b410683390bd887151a82baeb90d3042215898a9f4399e33217afc633e.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2584a2b410683390bd887151a82baeb90d3042215898a9f4399e33217afc633e.exe

Files

70882777c75456874f4febfac0212cd4.bin
.zip

Password: infected
2584a2b410683390bd887151a82baeb90d3042215898a9f4399e33217afc633e.exe
.exe windows x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE