dd14f6f937031600148fcbd07d5a54fa[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd14f6f937031600148fcbd07d5a54fa.bin
Size

14KB
MD5

a48f12d45595b2dfca5c4ddf48dcfab2
SHA1

34317c069dd4125a3b0f0b582a490100180b2e86
SHA256

c6454aed5fbd97b7e2a376b20ea1b1a1be09458abbbc6640a85e82eb6d392425
SHA512

4ef036306e0da8ab6b564e4524d7179aee875c6ee04e9622b4e8360855ed4fd36f7b0406708bfd9658d3e078a354efc97d3085767e8821f947f9e57752bea1d3
SSDEEP

384:jA/DCEb2oCA63lL5Xo99OxW5LkyaVIedYJgMlDSzJk:M7CG2oClL2ZkyaVIoNq

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/7543f108a40f6ac77210d9a4b6a9c6aec9e2efd625b16b69a295d2995ea7def5.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/7543f108a40f6ac77210d9a4b6a9c6aec9e2efd625b16b69a295d2995ea7def5.exe

Files

dd14f6f937031600148fcbd07d5a54fa.bin
.zip

Password: infected
7543f108a40f6ac77210d9a4b6a9c6aec9e2efd625b16b69a295d2995ea7def5.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UPX3
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ