828995ec92843d3543619843b4e4f742[.]bin

General

Target

828995ec92843d3543619843b4e4f742.bin
Size

8.3MB
MD5

eb51933e4d608e567cd1da0d6c0d78b1
SHA1

646715a4f598c23a210a99d0731ece59b93200d5
SHA256

381dada25eebdc99e2c14ce24161a224f3a26d68b9e41178971a12dcd9e153ed
SHA512

c085b496aca0a145b53549303353c4671735b960a763230cadaab1fb5aecc6ae54a8cadda860fc8410228b07d154c2c6f7ad0543c2d72e563cf8a1730cb3f6d9
SSDEEP

196608:LhJp90RqOojM2zATibFmoxefyAIbgQNDk+ij/EiFq7GarV4AWdOyuyzAdhIpR7:0RXo42cibgogf/mgj/EiOjFMOC8wp

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/f7ba486a6b833ef07b5ee6398bb1311ed700116f98adca57f8a908f29e27ce4e.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f7ba486a6b833ef07b5ee6398bb1311ed700116f98adca57f8a908f29e27ce4e.exe
unpack002/out.upx

Files

828995ec92843d3543619843b4e4f742.bin
.zip

Password: infected
f7ba486a6b833ef07b5ee6398bb1311ed700116f98adca57f8a908f29e27ce4e.exe
.exe windows:6 windows x86 arch:x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 2.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8.6MB - Virtual size: 8.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6.4MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.6MB

UPX1 Size: 8.6MB - Virtual size: 8.6MB

UPX2 Size: 512B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 1.9MB - Virtual size: 1.9MB

.data Size: 6.4MB - Virtual size: 6.6MB

.idata Size: 1024B - Virtual size: 988B

.reloc Size: 91KB - Virtual size: 90KB

.symtab Size: 512B - Virtual size: 4B

UPX0
Size: - Virtual size: 2.6MB

UPX1
Size: 8.6MB - Virtual size: 8.6MB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 1.9MB - Virtual size: 1.9MB

.data
Size: 6.4MB - Virtual size: 6.6MB

.idata
Size: 1024B - Virtual size: 988B

.reloc
Size: 91KB - Virtual size: 90KB

.symtab
Size: 512B - Virtual size: 4B