003d33deff7ac11ecc4f1576ec5132b19a9feb071212e35012aa6fd47e382f2f

Sharing

Copy URL Twitter E-mail

General

Target

003d33deff7ac11ecc4f1576ec5132b19a9feb071212e35012aa6fd47e382f2f
Size

1.2MB
MD5

24dbc67f80bfcc4d56269d4abd284719
SHA1

70d6ea7ddc77df852c2b261d067212262d8883ec
SHA256

003d33deff7ac11ecc4f1576ec5132b19a9feb071212e35012aa6fd47e382f2f
SHA512

3b8b2b8262c3654502259c514891f45addb7ce6bfe33b7e2a8cd7097702bc6de64cf2ac2882f561f19abe46b924644bb9e005c314b1952455147829b8d773784
SSDEEP

24576:bFGqeJz4l3NoLGFGqeJz4l3AnR3E0x0FQBkEQp009X90LWlyldVDsM:yl4ldsl4liMSa0IX90ylyZ5

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/Server.exe	upx
static1/unpack001/Service.exe	upx

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Server.exe
unpack002/out.upx
unpack001/Service.exe
unpack003/out.upx

Files

003d33deff7ac11ecc4f1576ec5132b19a9feb071212e35012aa6fd47e382f2f
.zip
Server.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 468KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 262KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 514KB - Virtual size: 513KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Service.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 468KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 262KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 514KB - Virtual size: 513KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 468KB

UPX1 Size: 262KB - Virtual size: 264KB

.rsrc Size: 37KB - Virtual size: 40KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 514KB - Virtual size: 513KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 26KB - Virtual size: 105KB

.rsrc Size: 36KB - Virtual size: 35KB

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 468KB

UPX1 Size: 262KB - Virtual size: 264KB

.rsrc Size: 37KB - Virtual size: 40KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 514KB - Virtual size: 513KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 26KB - Virtual size: 105KB

.rsrc Size: 36KB - Virtual size: 35KB

UPX0
Size: - Virtual size: 468KB

UPX1
Size: 262KB - Virtual size: 264KB

.rsrc
Size: 37KB - Virtual size: 40KB

.text
Size: 514KB - Virtual size: 513KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 26KB - Virtual size: 105KB

.rsrc
Size: 36KB - Virtual size: 35KB

UPX0
Size: - Virtual size: 468KB

UPX1
Size: 262KB - Virtual size: 264KB

.rsrc
Size: 37KB - Virtual size: 40KB

.text
Size: 514KB - Virtual size: 513KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 26KB - Virtual size: 105KB

.rsrc
Size: 36KB - Virtual size: 35KB