896e58f363f548a9f83bfa1f502f1b985c10d6f7e1355a9b6952b7dece36c0f3

General

Target

896e58f363f548a9f83bfa1f502f1b985c10d6f7e1355a9b6952b7dece36c0f3
Size

549KB
MD5

6cb5adad49da49c904fcb3eb24057381
SHA1

6b1e4ffc2aa94395d77b53ff52f5736d8592b25b
SHA256

896e58f363f548a9f83bfa1f502f1b985c10d6f7e1355a9b6952b7dece36c0f3
SHA512

c7fe41c322acb3f445c465b257dcf104bd6c9552c6bd34a390df1019e5936e430f41bdafb9a0147d9deef292713dcbc2df3730b7d4782f86924bde8a3b503ee5
SSDEEP

12288:f079sYVGL9LrI979yI1it4xdZszhoar9jPX4aoVFk/+emw:u9sYMdrE79yyuw2oa9mfkWy

Score

5^/10

upx

Malware Config

Signatures

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
static1/unpack002/out.upx	autoit_exe

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/OC DDLP__ 241119L2.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/OC DDLP__ 241119L2.exe
unpack002/out.upx

Files

896e58f363f548a9f83bfa1f502f1b985c10d6f7e1355a9b6952b7dece36c0f3
.rar
OC DDLP__ 241119L2.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 820KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 336KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 557KB - Virtual size: 557KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 303KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 820KB

UPX1 Size: 336KB - Virtual size: 340KB

.rsrc Size: 296KB - Virtual size: 296KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 557KB - Virtual size: 557KB

.rdata Size: 179KB - Virtual size: 179KB

.data Size: 24KB - Virtual size: 39KB

.rsrc Size: 303KB - Virtual size: 303KB

.reloc Size: 41KB - Virtual size: 41KB

UPX0
Size: - Virtual size: 820KB

UPX1
Size: 336KB - Virtual size: 340KB

.rsrc
Size: 296KB - Virtual size: 296KB

.text
Size: 557KB - Virtual size: 557KB

.rdata
Size: 179KB - Virtual size: 179KB

.data
Size: 24KB - Virtual size: 39KB

.rsrc
Size: 303KB - Virtual size: 303KB

.reloc
Size: 41KB - Virtual size: 41KB