360宽带测速器 v5[.]1[.]1[.]1430[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

360宽带测速器 v5.1.1.1430.exe
Size

4.2MB
MD5

c5b1caf32919732c17f4d6be5dc25e21
SHA1

c68545277a46e8809480c500329cd3acab25d4e8
SHA256

6598b323f9c0816df5394251aac235ef75b422dc4b42e541645cb894b401f2c4
SHA512

8e238411bdc34f0849f7d86d36e91f2ed1853c8dba620e2a5f1528496897e4781b008728d13dc6333cee724be2719c03de00b236d576aeea65536fcf600a3cd8
SSDEEP

98304:OFVh4JQM0cGUAkc9hRPxsifwArWanZEqZRQVQZ/2nLP:0EeM0c9AJPui3rnZXRQVQd2nLP

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
360宽带测速器 v5.1.1.1430.exe
unpack001/out.upx

Files

360宽带测速器 v5.1.1.1430.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ