9341603652[.]zip | Triage

Sharing

General

Target

9341603652.zip
Size

2.1MB
MD5

47e433c8831577f617d6bfc8769c4663
SHA1

2d439ad36487a3c1a954115a07ddaad8998d62fe
SHA256

9b06785cc3849340b17522965eeb9d19239be9bd006cb07988279bc4588ea982
SHA512

5b876a6843ce63f048829222288420d175b7996a737c9285e2abf2881df4a7e78d877a266a20edecc036eb328ebb4b74916ef103024b8f45093220755fcb9e71
SSDEEP

49152:H+CljMdhNKAPM8EmqYgImR5YESOs/Y5GzEV1AKOd7UDp4jPi:ZlANnP5EF5YX2/otIujPi

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
static1/unpack001/731e1a498611e33e76f3e69386fd70281168da539d0005212bc3bd4d0ce1b117	upx

Files

9341603652.zip
.zip

Password: infected
731e1a498611e33e76f3e69386fd70281168da539d0005212bc3bd4d0ce1b117
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 5.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE