75cdc74befd8c953ee2c022bd8366633[.]bin | Triage

Sharing

General

Target

75cdc74befd8c953ee2c022bd8366633.bin
Size

605KB
MD5

4521801bbab4b664b0fffdb8e59b6edc
SHA1

02374d88f722d751fdde4bc84082f44380da5f49
SHA256

ac8ba20c404b218898e964fa33cb7ded8546382af746d8164c349993cf9b8873
SHA512

736db967741807b2e874e8fc77c75d7b70613d8cf2fdb0614db3cc267060b67b7cec941810509f97365f614da08c71ac3838aac9038530329ad4c9761f463a29
SSDEEP

12288:Clc0H0fZUxMO61iVVZ4usRuECpWKyr2sChTzdpGpizKOQbJ9VLvI3kQ:ClpH0fa61iVXeRnCpE8hnXbeO4J9VUkQ

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/fda844b16b91a38417af25d13bd0992c3344de12ebcd0283732a3e0a6e91811d.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/fda844b16b91a38417af25d13bd0992c3344de12ebcd0283732a3e0a6e91811d.exe
unpack002/out.upx

Files

75cdc74befd8c953ee2c022bd8366633.bin
.zip

Password: infected
fda844b16b91a38417af25d13bd0992c3344de12ebcd0283732a3e0a6e91811d.exe
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 936KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 606KB - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ