98f162a57f460d08bb019709390c1f75[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

98f162a57f460d08bb019709390c1f75.bin
Size

25KB
MD5

5a31f9e622c47c4622466f078aeda7e3
SHA1

20cd3997540645af97972ff3807c4f57bcd254d4
SHA256

e9bacfc6a0f4341b5b17685d61ebb4585fc40786bbee0d86bee46cc87edd01cc
SHA512

c907d8b4d98596f74f508eb61553e225bab7ad858f6fdc33d13c57f738cc4bb0c8b400e50603457d30a8681b8be5de29434625eb07871aaa1b0b8e9274176dd2
SSDEEP

768:zM1aMjPPfrB1tSJg1wLkTAsSy5GKPqFWznMQ3T:Yak1tSS1Rcy5GZFWrMQD

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/ea6e1149ee9913745c301e7b7cb914e51e131743d5d1262e226a8a55afba5ca8.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ea6e1149ee9913745c301e7b7cb914e51e131743d5d1262e226a8a55afba5ca8.exe
unpack002/out.upx

Files

98f162a57f460d08bb019709390c1f75.bin
.zip

Password: infected
ea6e1149ee9913745c301e7b7cb914e51e131743d5d1262e226a8a55afba5ca8.exe
.exe windows x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ