44059844a580f34bf8cc5647aa2d80a8ee6ba223a98a07cc3448e668c2c98aed

General

Target

44059844a580f34bf8cc5647aa2d80a8ee6ba223a98a07cc3448e668c2c98aed
Size

365KB
MD5

98258ab3aaef61a839223615596a89db
SHA1

fcd6c5ea4c4edf61621de9c282aad117d1cd4dc1
SHA256

44059844a580f34bf8cc5647aa2d80a8ee6ba223a98a07cc3448e668c2c98aed
SHA512

89328a6d051876e185041478ff9bc8c947e6b6226cc4c5c5bf2049775ed5972419e2dd97e97754e5ceca1d95d8212f89a26cc82dd905adf61320de160293225c
SSDEEP

6144:9u2OxigrUanFppcXQvbrWs5yDXVGAWE72wXfHzYajvQP:aYonFgKQFGAWESwXfHkab+

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack002/zipfiles/C/$Recycle.Bin/S-1-5-18/$RBU0IKH/Video.AMD1/Legacy/B367348/RunOneByOne.exe	upx

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
static1/unpack003/out.upx	autoit_exe

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack002/zipfiles/C/$Recycle.Bin/S-1-5-18/$RBU0IKH/Video.AMD1/Legacy/B367348/RunOneByOne.exe
unpack003/out.upx

Files

44059844a580f34bf8cc5647aa2d80a8ee6ba223a98a07cc3448e668c2c98aed
.zip
5a15a1f10ccecf152270b28a8bea9d2b60e9ba57d820b6c638833f9f9dff8a8c_20231025084056/antiav.zip
.zip
zipfiles/C/$Recycle.Bin/S-1-5-18/$RBU0IKH/Video.AMD1/Legacy/B367348/RunOneByOne.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 564KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 334KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 557KB - Virtual size: 557KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 564KB

UPX1 Size: 334KB - Virtual size: 336KB

.rsrc Size: 48KB - Virtual size: 48KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 557KB - Virtual size: 557KB

.rdata Size: 179KB - Virtual size: 179KB

.data Size: 24KB - Virtual size: 39KB

.rsrc Size: 47KB - Virtual size: 46KB

.reloc Size: 41KB - Virtual size: 41KB

UPX0
Size: - Virtual size: 564KB

UPX1
Size: 334KB - Virtual size: 336KB

.rsrc
Size: 48KB - Virtual size: 48KB

.text
Size: 557KB - Virtual size: 557KB

.rdata
Size: 179KB - Virtual size: 179KB

.data
Size: 24KB - Virtual size: 39KB

.rsrc
Size: 47KB - Virtual size: 46KB

.reloc
Size: 41KB - Virtual size: 41KB