750fe441a59bf5f9b13593ef003f4412

Sharing

Copy URL

Twitter E-mail

General

Target

750fe441a59bf5f9b13593ef003f4412
Size

551KB
MD5

750fe441a59bf5f9b13593ef003f4412
SHA1

b2935e5fbbba3266a4f43dc752dac822cca0db13
SHA256

20f237415445092295ae8a90ce532cec34626ce7305a5b7f10607a116e4c2ef4
SHA512

b6f95c98366a01207a1d03c83bccd6dcfe68f37c231d273b4c4552e6096018b0ca05085fc42ae7145013783b7c2dd7f7eb3be3aa48226914f356d868eed6c30e
SSDEEP

12288:QPLvQ81WT4wWj7AEL0jip4GLdY1vyQ3ccP3BlpsSo3fsp966M4+:QPLvQmbwWjEEeip4GLO1vyQ3ccFL6uMB

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 4 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
static1/unpack001/lib/jpegtran.exe	upx
static1/unpack001/lib/jscl.exe	upx
static1/unpack001/lib/miniperl.exe	upx
static1/unpack001/lib/packjpg.exe	upx

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/lib/jpegoptim.exe
unpack001/lib/jpegtran.exe
unpack001/lib/jscl.exe
unpack003/out.upx
unpack001/lib/miniperl.exe
unpack001/lib/packjpg.exe
unpack001/lib/pngout.exe

Files

750fe441a59bf5f9b13593ef003f4412
.zip
ScriptJPG.cmd
.cmd .vbs
lib/jpegoptim.exe
.exe windows:6 windows x86 arch:x86

79b3362178937bf9559741c46bb9e035

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

Sections

.MPRESS1
Size: 108KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
lib/jpegrescan.pl
lib/jpegtran.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
lib/jscl.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
lib/miniperl.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 396KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 249KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
lib/packjpg.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 316KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
lib/pngout.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: - Virtual size: 21.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

79b3362178937bf9559741c46bb9e035

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.MPRESS1 Size: 108KB - Virtual size: 264KB

.MPRESS2 Size: 3KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 472B

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 96KB

UPX1 Size: 65KB - Virtual size: 68KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 44KB

UPX1 Size: 14KB - Virtual size: 16KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 44KB - Virtual size: 40KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 16B

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 396KB

UPX1 Size: 249KB - Virtual size: 252KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 316KB

UPX1 Size: 78KB - Virtual size: 80KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

Size: - Virtual size: 21.0MB

Size: 36KB - Virtual size: 40KB

Size: 512B - Virtual size: 4KB

.MPRESS1
Size: 108KB - Virtual size: 264KB

.MPRESS2
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 472B

UPX0
Size: - Virtual size: 96KB

UPX1
Size: 65KB - Virtual size: 68KB

UPX2
Size: 512B - Virtual size: 4KB

UPX0
Size: - Virtual size: 44KB

UPX1
Size: 14KB - Virtual size: 16KB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 40KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 16B

UPX0
Size: - Virtual size: 396KB

UPX1
Size: 249KB - Virtual size: 252KB

UPX2
Size: 512B - Virtual size: 4KB

UPX0
Size: - Virtual size: 316KB

UPX1
Size: 78KB - Virtual size: 80KB

UPX2
Size: 512B - Virtual size: 4KB