f88f9333c373ed722be50e092ec17a57[.]bin | Triage

Sharing

General

Target

f88f9333c373ed722be50e092ec17a57.bin
Size

14KB
MD5

74e59dbed8d20f312dae75722ddf36d4
SHA1

b5e014b3af6f39ea18c0cba9a62b4780457c40a7
SHA256

0e1ca245f23ab90d7d0de2165965ff392dd7f5bb3fcbc424d845d14b8f8006be
SHA512

99a36ee5c1ef2ab223b6460827eb17fa2047a30a9b4ed231750777e0506902181c3f6a72cc6c4bfae69aa587d7096e8aad2ca9d1294a0435270b8bf53e45ae06
SSDEEP

384:/3qkYbdVP3nIu+v1errUzF1Zb/QQ8lPoUIo:/qkYb7+t4UzF1F/Py

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/5d9749d15c6ec9adaa59655cbcab4fdca79644f80820fcdb1689b70b8ca265e8.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5d9749d15c6ec9adaa59655cbcab4fdca79644f80820fcdb1689b70b8ca265e8.exe

Files

f88f9333c373ed722be50e092ec17a57.bin
.zip

Password: infected
5d9749d15c6ec9adaa59655cbcab4fdca79644f80820fcdb1689b70b8ca265e8.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UPX3
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ