Malicious_1100e19979c558b0d4cbddc1cc785432a1af271e77ffcd7113a3ba339c3e16c3[.]dontrunthis | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Malicious_1100e19979c558b0d4cbddc1cc785432a1af271e77ffcd7113a3ba339c3e16c3.dontrunthis
Size

2.5MB
MD5

c6c49e4dde31cc2426b07cad63160f89
SHA1

bc8f4e11a447d1ae1ab5917263c5c894ece94d38
SHA256

344ecb16ea51db55c2ccf7da251a35db49a18bb0fe7705abe7e5352f871938e2
SHA512

bfc580f88ca0e988fc57139876ca389c3f6a76caaab674b8f6ebbfb9e9df53c4a06872cd51d2d87055c4b7a88cbbd19f7d08f8aada276a643071a19b661ab7ef
SSDEEP

49152:PK4R94wxKGYsiXzgHGXzLkrqsGrHZSHHpkhAgU6pTae6jeRLC8SINZ:LewxKGM6wLku0qKgUITr6qRLd

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
Malicious_1100e19979c558b0d4cbddc1cc785432a1af271e77ffcd7113a3ba339c3e16c3.dontrunthis
unpack001/out.upx

Files

Malicious_1100e19979c558b0d4cbddc1cc785432a1af271e77ffcd7113a3ba339c3e16c3.dontrunthis
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 124KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA