General

  • Target

    ad870dd21a186fc585af53fb6a1f3081.bin

  • Size

    309KB

  • MD5

    e514d7d01bd5abb53ace184ebd4e849d

  • SHA1

    1fb72b5ed6c816ee752eb87b6bd91a5594056250

  • SHA256

    b346e79dcb24aff42c82eb7aa053b4a9b98b960f211f6e3e18d5d3c30880cefc

  • SHA512

    3f1451d275e7478ad987803e39720e5006ed36d860c029e72de8f751dd6b69cd0ca6db2f32664bf2010b4bbe3f9555bc69236d55393709e160954bc361b331ed

  • SSDEEP

    6144:8ugV3q/PynvyU0j3NYpUgagxw+hSeY4eFSeTLFyz/VlskdXXOGN8vgq:4FqYiNYUgagxwWS/TDvgztKkNOGmF

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ad870dd21a186fc585af53fb6a1f3081.bin
    .zip

    Password: infected

  • b60ac9d5416b5b429bcaf2ce40614a1563642e31f025f0e7f9f2bbd10e896fdc.zip
    .zip

    Password: infected

  • -
    .exe windows:4 windows x86 arch:x86

    Password: infected



  • out.upx
    .exe windows:4 windows x86 arch:x86



  • fac Infracci0n_TrAnsito-werw45_MdF3ocCinIfI.cmd
    .cmd .vbs