52afb6656959dec2fbe6579b6907d94fe722cb07e588d81ef099c393e1ddcfa7[.]zip

General

Target

52afb6656959dec2fbe6579b6907d94fe722cb07e588d81ef099c393e1ddcfa7.zip
Size

1.6MB
MD5

61d9a1fadebb611e634e3284d42e77c2
SHA1

3b0e469af7340d37a606b3e0a65dddef5af77439
SHA256

f76a15413d0bf36491324738733cd685a0cedd52fc439508dc954dd6ae92360d
SHA512

6a87de1e08737e63e7ecc1b1c58fe1299fcd0bd13d855ebde81b574406433624ddb6edba622a220b48fd3eeef3d599bc7c480e90e1aa728ebe0843d8f265c6b9
SSDEEP

49152:ed64KTwqdN7/o2rmvhaukCAgTe0mNxl/G:epKVfhCZawTVmNxlO

Score

8^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/52afb6656959dec2fbe6579b6907d94fe722cb07e588d81ef099c393e1ddcfa7	upx

52afb6656959dec2fbe6579b6907d94fe722cb07e588d81ef099c393e1ddcfa7.zip
.zip

Password: threatbook
52afb6656959dec2fbe6579b6907d94fe722cb07e588d81ef099c393e1ddcfa7
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 3.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE