b693d092597220055c530c8cf870401eda0ea2b1c5799c96f60f1817321e94c5 | Triage

Sharing

General

Target

b693d092597220055c530c8cf870401eda0ea2b1c5799c96f60f1817321e94c5
Size

6.4MB
MD5

13b55a5337ccfe1e59512215f89674d5
SHA1

eeb4e6a2fdba6dd2b096347bee04a8143b0f9cd6
SHA256

b693d092597220055c530c8cf870401eda0ea2b1c5799c96f60f1817321e94c5
SHA512

082e8c9cbc57c0fb0c857b293b9c44ec432e22221fe0a7dd8f4902ab5acb173f7f7abc55b06c46f6de442b00c168d50be136c63c62bc584f62d47c63632cc8d0
SSDEEP

196608:VHXG0kSaEs13jygLdR78gbBnDHLluI/DdrHHL:V3evJdjXd9JBD5uaDxL

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/msray-windows/msray.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/msray-windows/msray.exe

Files

b693d092597220055c530c8cf870401eda0ea2b1c5799c96f60f1817321e94c5
.zip
msray-windows/config.yaml
msray-windows/data/agent.txt
msray-windows/data/country.mmdb
msray-windows/data/proxy.txt
msray-windows/data/tld.data
msray-windows/msray.exe
.exe windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 9.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
msray-windows/readme.md
msray-windows/start.bat
msray-windows/update.md