0eba74f951b3c91a4c722d02cf2c0e377d7ce1e242a661a6fe9333580a5ad4d6

Sharing

Target

0eba74f951b3c91a4c722d02cf2c0e377d7ce1e242a661a6fe9333580a5ad4d6
Size

936KB
MD5

2071e7aafe8a5db09fff23762d2b449c
SHA1

34d7501e6dae793af5b99a065887083d94485588
SHA256

0eba74f951b3c91a4c722d02cf2c0e377d7ce1e242a661a6fe9333580a5ad4d6
SHA512

97cec7a577adde24663ddece68f6058cb9cb127c509c43f7f6dfe6f34d17a4ee6a5fe9138fff8674c133044729662aaa6321651a5c7dc7b4bdb90d0ad48c7373
SSDEEP

24576:TXiiMmGp5FXW39+zkDV1/V8uIH7Psxnh/EzpEDugo:jBMmcFtSVVIbihszFgo

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
static1/unpack002/sales payment.scr	upx

0eba74f951b3c91a4c722d02cf2c0e377d7ce1e242a661a6fe9333580a5ad4d6
.eml
- http://www.international-service.ro/
email-html-2.txt
.html
email-plain-1.txt
sales payment.7z
.rar
sales payment.scr
.exe windows x86

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 876KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 341KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 369KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE