301375233c096c22c6002644f9d77233[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

301375233c096c22c6002644f9d77233.bin
Size

839KB
MD5

9f37bce675423d94f6478405376971d7
SHA1

f35e64229b7fed6f0d57944d6ee6f8b661e2d68f
SHA256

5560bb3173fea62e0738183be8e42943d71e24ce1887c991e505e1f3acdc55cf
SHA512

d44ce9a0c0b98e8ca80ed736c288d3cae73a102248a767ec664e882a62cee23401c7e90220be4051c90529f3908e9b88386ebde2ded21446320426ccccece381
SSDEEP

24576:3xo2t0R48kAWEEPPt5GOh5jczwDE91kBad:3xdaR487WEE9pdcEy1kwd

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/e394e7da62d1b272f3bec28cc075485cef04cda0d18c834d7133fbe3cacbb909.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e394e7da62d1b272f3bec28cc075485cef04cda0d18c834d7133fbe3cacbb909.exe

Files

301375233c096c22c6002644f9d77233.bin
.zip

Password: infected
e394e7da62d1b272f3bec28cc075485cef04cda0d18c834d7133fbe3cacbb909.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 845KB - Virtual size: 848KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE