537ab5e19e9158ffcac825558a1e0191[.]bin | Triage

Sharing

General

Target

537ab5e19e9158ffcac825558a1e0191.bin
Size

430KB
MD5

883ed735f4dcdc41704cd90b829a4bba
SHA1

f85c8b6dfedb5e37844f4e608a54b196b2cdd7b3
SHA256

72e135007eb41a267581aefa200046f8c8fced9680e0e0a07b3fc6ec94357917
SHA512

d438dca48d6bb36aade0faeffbd0b0a320ac14f6ad31d169f8ebdf089f8dddcdf065d2c01e04843058a34f2b9190f96e6e8937d00060f63e94bc1f1b73bacf2f
SSDEEP

12288:nR+BRblYYNny6WOjVxTz3Dmvd7iGh9EoSBhXK:nSJ6Yw6WOxxTzzml75u1K

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/d54997e6a5f3f945ea8c6fad8801ff867d29c748c8bede4bca1a76dc761f29f5.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d54997e6a5f3f945ea8c6fad8801ff867d29c748c8bede4bca1a76dc761f29f5.exe

Files

537ab5e19e9158ffcac825558a1e0191.bin
.zip

Password: infected
d54997e6a5f3f945ea8c6fad8801ff867d29c748c8bede4bca1a76dc761f29f5.exe
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 724KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 371KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE