c3681da8cdbba19041d36bb0fbec162ddaae98a2ba9fe2b29d252e26f64a4ec8[.]zip

General

Target

c3681da8cdbba19041d36bb0fbec162ddaae98a2ba9fe2b29d252e26f64a4ec8.zip
Size

4.0MB
MD5

2c266fc002c1f072d47462d0e23c5d2c
SHA1

252cda51c8744d1395800b89cf00449c73a0fd30
SHA256

8edeb501cb81a79e444ab29f7be396990deca5838fb8120565113b6aa75a5bfe
SHA512

0752590575db177dabeeecaf602f1e2de476b579b3d6ddcca5c2207d725bb03880ac1925532bf6539375616bd79df589cfb9848f73bd3b1f855654ed2bdc7971
SSDEEP

98304:1fr/0xZLwgpACYmhQIAxxSWKT0s/gI+cTLrh1WSzyF1g:1frsZLcmhQIAMt/gxcPtgSW1g

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
static1/unpack001/c3681da8cdbba19041d36bb0fbec162ddaae98a2ba9fe2b29d252e26f64a4ec8	upx

c3681da8cdbba19041d36bb0fbec162ddaae98a2ba9fe2b29d252e26f64a4ec8.zip
.zip

Password: threatbook
c3681da8cdbba19041d36bb0fbec162ddaae98a2ba9fe2b29d252e26f64a4ec8
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 9.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE