3[.]5[.]5_45231[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3.5.5_45231.exe
Size

2.1MB
MD5

8f9917a38dafa413eb4a006a859be70b
SHA1

2e358e4c572a4471c8c75ad70dd27ae6fd3d6267
SHA256

cec2ad84916167fd313be6307a680768aa568acc5727723eae0e9f2fb93e1703
SHA512

f96f4f948a0723758fe5003f9f3252c6a544807497a768e2b6360b2f8cb24c520ba7010e0572abfc20c348b2ffb11f814852beaee5d359f7310db746c94dabe0
SSDEEP

49152:tXNDBagsOUl/4UWELniy3ggMf+kYwjm6G4z:BNDggsLl/UELiMg7rYz0

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/Device/HarddiskVolume4/Users/AN PROJECT/AppData/Roaming/uTorrent/updates/3.5.5_45231.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Device/HarddiskVolume4/Users/AN PROJECT/AppData/Roaming/uTorrent/updates/3.5.5_45231.exe

Files

3.5.5_45231.exe
.zip

Password: S@ndb0x!2023@@
Device/HarddiskVolume4/Users/AN PROJECT/AppData/Roaming/uTorrent/updates/3.5.5_45231.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 123KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
manifest.json