General

  • Target

    ups.exe

  • Size

    211KB

  • MD5

    016c563c2f3011532fb851f5d3baef34

  • SHA1

    33f61e760720bd92708cb70e8ee9dc0d97e60a3b

  • SHA256

    f2255d65b2f7193ad81bc5d874a17953f6acf9469613adc109f947745a8f39b5

  • SHA512

    77565dcd78aa1072977ef928fc8beda576fedc1a5bc4b29c4e1ced90554db860e06fdc3974e74d4e1067a5f9e766c8c27d6daedd9cbe207ab937a354a0467aca

  • SSDEEP

    3072:FSnzw5FmY9/qcFO3IjfDFHhLPwyYwyRh9yCfY/EhDLxDNO575vAZQWvvRT06QwXH:AQ9ScNbpdY7Rh07/EhxDNOMZLRVd

Score
10/10

Signatures

  • Remcos family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • ups.exe
    .exe windows:5 windows x86 arch:x86

    Password: g4m4s1?



  • out.upx
    .exe windows:5 windows x86 arch:x86

