27e9b4b8ff0b4be8faffd8d4a64786f19932298a12ec0fa57de35c725509da87

Sharing

Copy URL Twitter E-mail

General

Target

27e9b4b8ff0b4be8faffd8d4a64786f19932298a12ec0fa57de35c725509da87
Size

1.0MB
MD5

c66b764a11048bec4789c7abc4630f7f
SHA1

877b07b865ee0f6b588e5d4520012878e72e77e3
SHA256

27e9b4b8ff0b4be8faffd8d4a64786f19932298a12ec0fa57de35c725509da87
SHA512

d1636eedf3fdc32329b96f8a2ee0bcd64f7123ce8f1184a4752aad1239909ce957173c0aa4b25d78a82c9ff4c7b5ae47ee2770d0fda65e03a71d778ffef11004
SSDEEP

24576:fn50kpdV1fVcpli4shwb9CDLWK8CzbTr5F6xP:a+7JVCbof8CzbH5M

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/EhPG小说下载器V2.4/EhPG小说下载.exe	upx
static1/unpack001/EhPG小说下载器V2.4/微软语音库/启动与停止语音库服务程序.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/EhPG小说下载器V2.4/EhPG小说下载.exe
unpack001/EhPG小说下载器V2.4/微软语音库/启动与停止语音库服务程序.exe

Files

27e9b4b8ff0b4be8faffd8d4a64786f19932298a12ec0fa57de35c725509da87
.zip
EhPG小说下载器V2.4/EhPG小说下载.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 737KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
EhPG小说下载器V2.4/使用说明【使用前必看】.txt
EhPG小说下载器V2.4/微软语音库/0.reg
EhPG小说下载器V2.4/微软语音库/1.txt
EhPG小说下载器V2.4/微软语音库/使用说明.txt
EhPG小说下载器V2.4/微软语音库/启动与停止语音库服务程序.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 728KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 309KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.5MB

UPX1 Size: 737KB - Virtual size: 740KB

.rsrc Size: 11KB - Virtual size: 12KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 728KB

UPX1 Size: 309KB - Virtual size: 312KB

.rsrc Size: 95KB - Virtual size: 96KB

UPX0
Size: - Virtual size: 1.5MB

UPX1
Size: 737KB - Virtual size: 740KB

.rsrc
Size: 11KB - Virtual size: 12KB

UPX0
Size: - Virtual size: 728KB

UPX1
Size: 309KB - Virtual size: 312KB

.rsrc
Size: 95KB - Virtual size: 96KB