Malicious_0307cbfcadb8b9d64993d226d877c287696ad6c210f2515d01e717289307031d[.]dontrunthis | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Malicious_0307cbfcadb8b9d64993d226d877c287696ad6c210f2515d01e717289307031d.dontrunthis
Size

2.6MB
MD5

531ea8c09ea278c76c7ce0524326f7df
SHA1

19e148a48d6c496af1cadab15940c7295cf406e9
SHA256

cad926f2d8b36c6d54faa6491024f2153003453b4ca44c17fbca37551f7588c3
SHA512

51179dfe20d68777eada4dcb44553cdbed226dcc73bfabf40d37da29ba8bfa7254e8c92744d8fac33954f3777bc12a3b86e26dccd0a2604878314e8a1f8408a1
SSDEEP

49152:PK4R94wxKGEHwWOK3l5RgZeNFIQR8hk0s6y0xu6mmBImnjLdFkN:LewxKGApOKZgZps6LZmmBljM

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
Malicious_0307cbfcadb8b9d64993d226d877c287696ad6c210f2515d01e717289307031d.dontrunthis
unpack001/out.upx

Files

Malicious_0307cbfcadb8b9d64993d226d877c287696ad6c210f2515d01e717289307031d.dontrunthis
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 124KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA