cdd36754b21877d820970821f1356b69 | Triage

Sharing

General

Target

cdd36754b21877d820970821f1356b69
Size

285KB
MD5

cdd36754b21877d820970821f1356b69
SHA1

a28703d1b5f7828b09ddc5fdc582212ee208ded4
SHA256

51066dfc8ee8cd4025373f2ecf3d0db03b8918ed51739347a5fe8f11698e6d2b
SHA512

015889047f85bd3799017692f80b05f04b2b5802a4d830e91c06d22140289cd743c9a9bf03cafb5569a14473963733b9c93675bfdc10966e84d12377703915f5
SSDEEP

6144:8AAi7vKLFz5WlIOHHOAYfrRib6TXTPEkLzyzdTj:BAi7vNl2Aq4b6n9CzdH

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/xhphonescan.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/xhphonescan.exe

Files

cdd36754b21877d820970821f1356b69
.zip
xhphonescan.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 460KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 278KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ʹ˵.txt
װ˵.url
.url
ؼʷб.txt
עʺ.txt
.txt