39a7b452a15a2753a88c8d6ebdcae163abfbb065a9ba7ffa5818a0bf7f6bd05d[.]exe[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

39a7b452a15a2753a88c8d6ebdcae163abfbb065a9ba7ffa5818a0bf7f6bd05d.exe.zip
Size

974KB
MD5

25e1c717c94d3cc01885eb64133f9792
SHA1

bdcce6e92dc276f847f2f0e8f18f7ea4660269a7
SHA256

db3d549dfbf99200cca7bdbf396ab9d9cf8db722cbd286024791afe770393076
SHA512

a16235df32638171a8bdba3223899401ddbd19620674e02fac7682ee8e3c633384e9e9fbaec3ff2de6dee6b901d935af1e5a2c3567cc54468b3ce2be3de32af0
SSDEEP

24576:T/UsSJBbZu3w1oJCCe280TfSVUmgc25GzhKIwwPgIqt5Mfcc2RzX:M4PT5xTI25GPgIqtoOFX

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/39a7b452a15a2753a88c8d6ebdcae163abfbb065a9ba7ffa5818a0bf7f6bd05d.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/39a7b452a15a2753a88c8d6ebdcae163abfbb065a9ba7ffa5818a0bf7f6bd05d.exe
unpack002/out.upx

Files

39a7b452a15a2753a88c8d6ebdcae163abfbb065a9ba7ffa5818a0bf7f6bd05d.exe.zip
.zip

Password: infected
39a7b452a15a2753a88c8d6ebdcae163abfbb065a9ba7ffa5818a0bf7f6bd05d.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

VPX0
Size: - Virtual size: 264KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 130KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 19KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/80
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/91
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/102
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Headers

File Characteristics

Sections

VPX0 Size: - Virtual size: 264KB

UPX1 Size: 50KB - Virtual size: 52KB

.rsrc Size: 130KB - Virtual size: 132KB

Headers

File Characteristics

Sections

.text Size: 74KB - Virtual size: 74KB

.data Size: 512B - Virtual size: 36B

.rdata Size: 9KB - Virtual size: 9KB

/4 Size: 1024B - Virtual size: 928B

.bss Size: - Virtual size: 19KB

.idata Size: 2KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 28B

.tls Size: 512B - Virtual size: 32B

/14 Size: 512B - Virtual size: 152B

/29 Size: 18KB - Virtual size: 17KB

/41 Size: 2KB - Virtual size: 2KB

/55 Size: 3KB - Virtual size: 2KB

/67 Size: 1KB - Virtual size: 1KB

/80 Size: 512B - Virtual size: 64B

/91 Size: 3KB - Virtual size: 3KB

/102 Size: 1024B - Virtual size: 944B

.rsrc Size: 131KB - Virtual size: 130KB

VPX0
Size: - Virtual size: 264KB

UPX1
Size: 50KB - Virtual size: 52KB

.rsrc
Size: 130KB - Virtual size: 132KB

.text
Size: 74KB - Virtual size: 74KB

.data
Size: 512B - Virtual size: 36B

.rdata
Size: 9KB - Virtual size: 9KB

/4
Size: 1024B - Virtual size: 928B

.bss
Size: - Virtual size: 19KB

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 28B

.tls
Size: 512B - Virtual size: 32B

/14
Size: 512B - Virtual size: 152B

/29
Size: 18KB - Virtual size: 17KB

/41
Size: 2KB - Virtual size: 2KB

/55
Size: 3KB - Virtual size: 2KB

/67
Size: 1KB - Virtual size: 1KB

/80
Size: 512B - Virtual size: 64B

/91
Size: 3KB - Virtual size: 3KB

/102
Size: 1024B - Virtual size: 944B

.rsrc
Size: 131KB - Virtual size: 130KB