f62010b7851c93705933be3dd24d1dd5b4ad2eec7285a48bb15d8bbed0130ecf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f62010b7851c93705933be3dd24d1dd5b4ad2eec7285a48bb15d8bbed0130ecf
Size

4.6MB
MD5

2961c64f1bf62105a7ebc61289064d42
SHA1

d26dd3ada796453732034f25adf1660f4542efae
SHA256

f62010b7851c93705933be3dd24d1dd5b4ad2eec7285a48bb15d8bbed0130ecf
SHA512

0d8b71d23744903e2c8f2bf8ef9ca9318cd9b53f4461d20d487d64c653d46c86347cd698a62dd6c185bb03d950b284157b8c64a1f45f515f36b6bf7252c9568c
SSDEEP

49152:RERX4k3uWV355FXw/+e4wCu+2GV35MwrEYCFEvlmOmTgtFM3uK5m3imrHuiff+pV:xqEYzEFTgtFM3ukm3imPntc

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/Windows Loader v2.2.2/WAT Fix.exe	upx
static1/unpack001/Windows Loader v2.2.2/Windows Loader.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Windows Loader v2.2.2/WAT Fix.exe
unpack001/Windows Loader v2.2.2/Windows Loader.exe

Files

f62010b7851c93705933be3dd24d1dd5b4ad2eec7285a48bb15d8bbed0130ecf
.zip
Windows Loader v2.2.2/Keys.ini
Windows Loader v2.2.2/Read me.txt
Windows Loader v2.2.2/WAT Fix.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 275KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Windows Loader v2.2.2/Windows Loader.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 577KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Windows Loader v2.2.2/checksums.md5
Windows Loader v2.2.2/.url
.url