5efab94542e558d6f0e2009ea0f801a0

Sharing

Copy URL

Twitter E-mail

General

Target

5efab94542e558d6f0e2009ea0f801a0
Size

312KB
MD5

5efab94542e558d6f0e2009ea0f801a0
SHA1

df96b68d1b2f9ab0fd7ee93f9b72f0773e5b69c3
SHA256

84583ef0ec308df0f4c7f60a83bd8d5149e8b9f7fbf9f64e950e1789bf0578db
SHA512

826c1126dfb83b300b6ef12374375b18a16965a0864d704307476153986c7ace960c0793f61ef9a3a24e814d60dce46dcf691d083ce1a703e44502eb318bcc61
SSDEEP

6144:WhQWG66G5bCSHUrMVdm8HW46rJz2loOO1BSThrdjVYrU9yBsabWIqFM:WHG6T5fUWw8HZE2CO9ThRjVYQ9yBRbWW

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/RainRadio.exe	upx

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
static1/unpack002/out.upx	autoit_exe

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RainRadio.exe
unpack002/out.upx
unpack001/taskill.exe

Files

5efab94542e558d6f0e2009ea0f801a0
.zip
181Alternative.pls
181ClassicRock.pls
1FM90s.pls
97780s.pls
977Hits.pls
Back.png
.png
CloseButton.png
.png
Gloss.png
.png
Little RainRadio.ini
RadioParadise.pls
RainRadio.au3
RainRadio.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 452KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 261KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 510KB - Virtual size: 510KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SkyFM70s.pls
SkyFMHits.pls
Slider.png
.png
VLC Close.png
.png
dot.png
.png
taskill.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
updn.png
.png

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 452KB

UPX1 Size: 261KB - Virtual size: 264KB

.rsrc Size: 29KB - Virtual size: 32KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 510KB - Virtual size: 510KB

.rdata Size: 54KB - Virtual size: 54KB

.data Size: 12KB - Virtual size: 91KB

.rsrc Size: 37KB - Virtual size: 36KB

Headers

File Characteristics

Sections

Size: - Virtual size: 24KB

Size: 4KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 452KB

UPX1
Size: 261KB - Virtual size: 264KB

.rsrc
Size: 29KB - Virtual size: 32KB

.text
Size: 510KB - Virtual size: 510KB

.rdata
Size: 54KB - Virtual size: 54KB

.data
Size: 12KB - Virtual size: 91KB

.rsrc
Size: 37KB - Virtual size: 36KB

.rsrc
Size: 1KB - Virtual size: 4KB