3736ea3381e5411c891a367acdf0e92cbf890fb926db9a470b6d3cf8fa415819[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

3736ea3381e5411c891a367acdf0e92cbf890fb926db9a470b6d3cf8fa415819.exe
Size

588KB
MD5

5f2f60e0cb2a4b5e2ec849641a3b08dd
SHA1

3fded9610433c618f48176940474b74df6c2b49d
SHA256

3736ea3381e5411c891a367acdf0e92cbf890fb926db9a470b6d3cf8fa415819
SHA512

7b6ca5ba95234202700e794c266ae5fe51282a79b4bd01c4815bc886290196a0e708d337ea105f89f4b8a43c7e3b15ffab9efbc346bfd26a62de75e603b05bfa
SSDEEP

12288:hrWfN3TrQ/g3iK5iiWjnyOymhwiAAsvYciSdsaNolSbycDNXiG5tc9:hif1gTKETHsOesayS+INHc9

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
3736ea3381e5411c891a367acdf0e92cbf890fb926db9a470b6d3cf8fa415819.exe
unpack001/out.upx

Files

3736ea3381e5411c891a367acdf0e92cbf890fb926db9a470b6d3cf8fa415819.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 868KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 507KB - Virtual size: 508KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc/0/GROUP_ICON/DEFAULT_ICON
.rsrc/0/ICON/3.ico
.rsrc/0/ICON/4.ico
.rsrc/0/ICON/5.ico
.rsrc/0/ICON/6.ico
.rsrc/0/ICON/7.ico
.rsrc/0/ICON/8.ico
.rsrc/0/MANIFEST/1
.xml
.rsrc/2052/BITMAP/1031.bmp
.rsrc/2052/BITMAP/1038.bmp
.rsrc/2052/BITMAP/1138.bmp
.rsrc/2052/BITMAP/1139.bmp
.rsrc/2052/BITMAP/1140.bmp
.rsrc/2052/BITMAP/1141.bmp
.rsrc/2052/BITMAP/1142.bmp
.rsrc/2052/BITMAP/1143.bmp
.rsrc/2052/BITMAP/1144.bmp
.rsrc/2052/BITMAP/1145.bmp
.rsrc/2052/BITMAP/30994.bmp
.rsrc/2052/BITMAP/30995.bmp
.rsrc/2052/BITMAP/30996.bmp
.rsrc/2052/BITMAP/IEXT_IDB_STATEIMAGES.bmp
.rsrc/2052/CURSOR/1
.rsrc/2052/CURSOR/2
.rsrc/2052/CURSOR/3
.rsrc/2052/CURSOR/4
.rsrc/2052/DIALOG/1037
.rsrc/2052/DIALOG/1084
.rsrc/2052/DIALOG/1124
.rsrc/2052/DIALOG/1134
.rsrc/2052/DIALOG/1150
.rsrc/2052/DIALOG/150
.rsrc/2052/DIALOG/286
.rsrc/2052/DIALOG/30721
.rsrc/2052/DIALOG/30722
.rsrc/2052/DIALOG/554
.rsrc/2052/GROUP_CURSOR/1032
.rsrc/2052/GROUP_CURSOR/1033
.rsrc/2052/GROUP_CURSOR/30977
.rsrc/2052/GROUP_ICON/1151
.rsrc/2052/GROUP_ICON/1152
.rsrc/2052/ICON/1.ico
.rsrc/2052/ICON/2.ico
.rsrc/2052/MENU/1039
.rsrc/2052/MENU/127
.rsrc/2052/TEXTINCLUDE/1
.rsrc/2052/TEXTINCLUDE/2
.rsrc/2052/TEXTINCLUDE/3
.rsrc/2052/string.txt
.rsrc/2052/version.txt
.rsrc_1
CERTIFICATE
UPX1
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 916KB - Virtual size: 913KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 868KB

UPX1 Size: 507KB - Virtual size: 508KB

.rsrc Size: 75KB - Virtual size: 76KB

Headers

File Characteristics

Sections

.text Size: 916KB - Virtual size: 913KB

.rdata Size: 180KB - Virtual size: 178KB

.data Size: 84KB - Virtual size: 190KB

.rsrc Size: 76KB - Virtual size: 76KB

UPX0
Size: - Virtual size: 868KB

UPX1
Size: 507KB - Virtual size: 508KB

.rsrc
Size: 75KB - Virtual size: 76KB

.text
Size: 916KB - Virtual size: 913KB

.rdata
Size: 180KB - Virtual size: 178KB

.data
Size: 84KB - Virtual size: 190KB

.rsrc
Size: 76KB - Virtual size: 76KB