e7e56a10878150b4208b4c2b95f6fa41[.]bin

General

Target

e7e56a10878150b4208b4c2b95f6fa41.bin
Size

176KB
MD5

d466549825d81e9a4336ab25c40f9bfe
SHA1

2c8fb990d9724cb322970b8e63fd563ed5634719
SHA256

2b7ea33f7810a7bd9cd73e6a7550d04489b8d2e37a48b39851972ff8531694d0
SHA512

c5933a2726265e01c72ae9c3d519dc1cc644ffba7f9bf4d9330fd24c8d93cc821ee449effb64681222bae82d75458d1a79840f135f904c0950084b2f1c6af8f8
SSDEEP

3072:+FMwBlIv3ifpi7TeuDhQq4clLoRMfIL2e8SZ8hqR4yf5eyF3mu+anz8yzUzAEy6y:d8lIwKFeclLoRMfgchyf5eyF3j4ty6BE

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/3d70a211fcb73cd428aead5966081625502370c48bddbf7fe168c99ab2d45192.dll	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3d70a211fcb73cd428aead5966081625502370c48bddbf7fe168c99ab2d45192.dll

Files

e7e56a10878150b4208b4c2b95f6fa41.bin
.zip

Password: infected
3d70a211fcb73cd428aead5966081625502370c48bddbf7fe168c99ab2d45192.dll
.dll windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

SkinH_AdjustAero
SkinH_AdjustHSV
SkinH_Attach
SkinH_AttachEx
SkinH_AttachExt
SkinH_AttachRes
SkinH_AttachResEx
SkinH_Detach
SkinH_DetachEx
SkinH_GetColor
SkinH_LockUpdate
SkinH_Map
SkinH_NineBlt
SkinH_SetAero
SkinH_SetBackColor
SkinH_SetFont
SkinH_SetFontEx
SkinH_SetForeColor
SkinH_SetMenuAlpha
SkinH_SetTitleMenuBar
SkinH_SetWindowAlpha
SkinH_SetWindowMovable
SkinH_VerifySign

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.UPX1
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 16B

.UPX0 Size: 12KB - Virtual size: 10KB

.UPX1 Size: 8KB - Virtual size: 7KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 16B

.UPX0
Size: 12KB - Virtual size: 10KB

.UPX1
Size: 8KB - Virtual size: 7KB

.reloc
Size: 12KB - Virtual size: 8KB