02fb726ccf9a550dafc00f7dbfe5c1ea[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02fb726ccf9a550dafc00f7dbfe5c1ea.bin
Size

1.8MB
MD5

ef410e4d5229f99d954bea828285a5d3
SHA1

6cbe4ab4260a5655235ca65b03946967956689f1
SHA256

0431323f7f1c54bf7ec3945f256e326686a59e5802f39363011ee965ea00f60d
SHA512

8428d81b72883c8ee23a4e7b8deaf2e90743f3d355b3228199ab14ad8c2ffe98f620b76487b663cfe5717d04bf3670ede80532c1ee815d71914ca0e44fe9800e
SSDEEP

49152:dMU0enm54KZhrSdiVxBoXLukcJbrkDPD/:OXQKlbKiKXLuTZs/

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/060705db94b7ea673486db72ffc54fbd5e3c898758f9a16575d636c78e95dffb.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/060705db94b7ea673486db72ffc54fbd5e3c898758f9a16575d636c78e95dffb.exe

Files

02fb726ccf9a550dafc00f7dbfe5c1ea.bin
.zip

Password: infected
060705db94b7ea673486db72ffc54fbd5e3c898758f9a16575d636c78e95dffb.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 4.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE