219ad549c4d74baaf85871c1eb484b2f[.]bin

General

Target

219ad549c4d74baaf85871c1eb484b2f.bin
Size

197KB
MD5

78048c679911f277703bd0b34e56e5aa
SHA1

de298de5965db547bfbc3463907754b5c9a0d68d
SHA256

e80a1cd6146bb4926b42d8c966eef8946b954dfbf86176f1a78b2352f7da730b
SHA512

85dbad20baed9625d45579ad373f836e9aedef67e977674ebc65f859710c7c842285d5eb57457d23acfb72acfc803ca2c3e0a387b1a5fadaf4950566e734bb8c
SSDEEP

6144:5rfSHa7K5cUoTUNlgbxMic4FvPdS5uzNLww:5rfS6m+TognHr7xLN

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/6c33432c658be9c33e8475cdf8c771ad96def493d7f8efcb69ba8d251ccd4332.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/6c33432c658be9c33e8475cdf8c771ad96def493d7f8efcb69ba8d251ccd4332.exe
unpack002/out.upx

Files

219ad549c4d74baaf85871c1eb484b2f.bin
.zip

Password: infected
6c33432c658be9c33e8475cdf8c771ad96def493d7f8efcb69ba8d251ccd4332.exe
.exe windows:5 windows x86 arch:x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 308KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 190KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 308KB

UPX1 Size: 190KB - Virtual size: 192KB

.rsrc Size: 47KB - Virtual size: 48KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 291KB - Virtual size: 290KB

.rdata Size: 97KB - Virtual size: 96KB

.data Size: 10KB - Virtual size: 16KB

.rsrc Size: 46KB - Virtual size: 46KB

.reloc Size: 18KB - Virtual size: 18KB

UPX0
Size: - Virtual size: 308KB

UPX1
Size: 190KB - Virtual size: 192KB

.rsrc
Size: 47KB - Virtual size: 48KB

.text
Size: 291KB - Virtual size: 290KB

.rdata
Size: 97KB - Virtual size: 96KB

.data
Size: 10KB - Virtual size: 16KB

.rsrc
Size: 46KB - Virtual size: 46KB

.reloc
Size: 18KB - Virtual size: 18KB