General
-
Target
SKIDROW.exe
-
Size
560KB
-
MD5
9699c1a9a132ace5d2490c4534c8ee1a
-
SHA1
4c1d41ad7e7bfea0a1d40c7462ee1fa511f4b878
-
SHA256
de92ded5c04bd170aef5033a46848be7ecf01029b207f26313a4738fee7ffece
-
SHA512
9552a36aa2b4b627859abf1466ce6a247687767974d48492eff4dfdb4614d65648b77082a088b0dcbe247b0f8cce11f0198ae9b82b078c091971ac6df3db1470
-
SSDEEP
12288:qIiRDeXHF8O81CNnVxrwcDFgTmOsK6Sn2qjg3pL+ck2UI:VKDeXF8R1ClUcDyqls2a0+ckL
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource SKIDROW.exe unpack001/out.upx
Files
-
SKIDROW.exe.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 2.2MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 456KB - Virtual size: 456KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 103KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 19KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ