kayla_nudes[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

kayla_nudes.rar
Size

273.2MB
MD5

78ea6c543758ce875bb1f693eb688207
SHA1

b099678ddc275a89326b4f699f1b8f4337ee06e5
SHA256

75428941641caf4c82ea2cf83e188a1d31d8c786418b1e15692bc9d753802509
SHA512

6221a51d81b96fa66598923596665f0d7df09ab3380554fc60759fe5bdb38324757fce34cee84d083679848525aa0e88dd14aeb5623679b3260b704b72079fb1
SSDEEP

6291456:dEl1cnlgLGp7Qp+Nfh/RntCW82ZpDEQntCW82ZpDEx:el1KgLliN82ZqK82Zqx

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/Lucy_Nudes2/2019-02-17_21-47-39.exe	upx
static1/unpack001/Lucy_Nudes2/Photo Jun 16, 8 37 11 PM.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Lucy_Nudes2/2019-02-17_21-47-39.exe
unpack001/Lucy_Nudes2/Photo Jun 16, 8 37 11 PM.exe

Files

kayla_nudes.rar
.rar

Password: egehhthshsr
Lucy_Nudes2/2019-02-17_21-47-39.exe
.exe windows:5 windows x64 arch:x64

Password: egehhthshsr

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 228KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 127KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
�t8.pyc
Lucy_Nudes2/2019-02-25_11-18-12.png
.png

Password: egehhthshsr
Lucy_Nudes2/2019-02-25_11-18-23.png
.png

Password: egehhthshsr
Lucy_Nudes2/2019-02-25_11-18-29.png
.png

Password: egehhthshsr
Lucy_Nudes2/2019-03-16_16-24-05.png
.png

Password: egehhthshsr
Lucy_Nudes2/2019-03-16_16-27-01.png
.png

Password: egehhthshsr
Lucy_Nudes2/2019-03-16_16-27-12.png
.png

Password: egehhthshsr
Lucy_Nudes2/2019-03-16_16-31-58.png
.png

Password: egehhthshsr
Lucy_Nudes2/2019-03-17_14-36-41.png
.png
Lucy_Nudes2/2019-03-17_14-36-45.png
.png
Lucy_Nudes2/2019-03-17_14-37-52.png
.png
Lucy_Nudes2/2019-03-17_14-38-16.png
.png
Lucy_Nudes2/IMAGE 2.png
.png
Lucy_Nudes2/Photo Jun 15, 5 45 55 PM.png
.png
Lucy_Nudes2/Photo Jun 15, 5 45 57 PM.png
.png
Lucy_Nudes2/Photo Jun 15, 5 46 00 PM.png
.png
Lucy_Nudes2/Photo Jun 15, 5 46 02 PM.jpg
.jpg
Lucy_Nudes2/Photo Jun 15, 5 46 28 PM.jpg
.jpg
Lucy_Nudes2/Photo Jun 15, 5 46 32 PM.jpg
.jpg
Lucy_Nudes2/Photo Jun 15, 5 46 45 PM.png
.png
Lucy_Nudes2/Photo Jun 15, 5 46 47 PM.png
.png
Lucy_Nudes2/Photo Jun 16, 8 36 38 PM.jpg
.jpg
Lucy_Nudes2/Photo Jun 16, 8 36 50 PM.jpg
.jpg
Lucy_Nudes2/Photo Jun 16, 8 36 58 PM.jpg
.jpg
Lucy_Nudes2/Photo Jun 16, 8 37 11 PM.exe
.exe windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 228KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 127KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Lucy_Nudes2/Photo Jun 16, 8 37 11 PM.jpg
.jpg
Lucy_Nudes2/image 1.jpg
.jpg
Lucy_Nudes2/image 3.png
.png
Lucy_Nudes2/image0.png
.png
Lucy_Nudes2/image2 (2).png
.png
Lucy_Nudes2/image3 (2).png
.png
Lucy_Nudes2/image3.png
.png
Lucy_Nudes2/image4 (1).png
.png
Lucy_Nudes2/image4 (2).png
.png
Lucy_Nudes2/image5 (1).png
.png
Lucy_Nudes2/image5 (2).png
.png
Lucy_Nudes2/image6.png
.png
Lucy_Nudes2/image7.png
.png
Lucy_Nudes2/video0.mov