6cd8bae6ba4fdbe0ef7cf187ad3dedef

Sharing

Copy URL Twitter E-mail

General

Target

6cd8bae6ba4fdbe0ef7cf187ad3dedef
Size

607KB
MD5

6cd8bae6ba4fdbe0ef7cf187ad3dedef
SHA1

6190286aa51d40d77fc8a2719c1c0431ebd46907
SHA256

03e5729ecccf6e207ba2f3923c4d20aaf703d8429d394aebda0b147e77d47fbe
SHA512

543cfd77ce5efeb7c2ec1bbdac4289a270422ff09f30d758c8c81e84e0a5206f7e843d5998f7a4798858e1c73aed1784d53ba874ed5bb9bbf19059dcb06ad5dd
SSDEEP

12288:ykNt2M+2Eg2PyptfZilKHIxezWWcvFJgWfe2E0PEqZm6xf6KQ930ND:ySt2x2wqp9ZvHPzefe2E0sqQeffQa

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/啊！数独/啊！数独.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/啊！数独/啊！数独.exe
unpack002/out.upx

Files

6cd8bae6ba4fdbe0ef7cf187ad3dedef
.rar
啊！数独/data/config.edb
啊！数独/data/language.edb
啊！数独/like/示例_2000年1月1日0时0分0秒/Sudoku
啊！数独/like/示例_2000年1月1日0时0分0秒/image.bmp
啊！数独/啊！数独.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 586KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 804KB - Virtual size: 802KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 373KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
啊！数独/红豆软件站.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.5MB

UPX1 Size: 586KB - Virtual size: 588KB

.rsrc Size: 18KB - Virtual size: 20KB

Headers

File Characteristics

Sections

.text Size: 804KB - Virtual size: 802KB

.rdata Size: 1.9MB - Virtual size: 1.9MB

.data Size: 68KB - Virtual size: 373KB

.rsrc Size: 44KB - Virtual size: 41KB

UPX0
Size: - Virtual size: 2.5MB

UPX1
Size: 586KB - Virtual size: 588KB

.rsrc
Size: 18KB - Virtual size: 20KB

.text
Size: 804KB - Virtual size: 802KB

.rdata
Size: 1.9MB - Virtual size: 1.9MB

.data
Size: 68KB - Virtual size: 373KB

.rsrc
Size: 44KB - Virtual size: 41KB