facb94b82b4d1836e7bf4d410f0e24afb93bf79b4caf8a5311880c5fcd82963f[.]zip

General

Target

facb94b82b4d1836e7bf4d410f0e24afb93bf79b4caf8a5311880c5fcd82963f.zip
Size

357KB
MD5

60c8e8f2fba1cc2b9387766850f038a6
SHA1

d557401fe1072bbd81778d98dfce8733c8d3e8a4
SHA256

6cf284feff783f1fea0ab3544de3916f73aee886327a302a3c1a54bbcfc634a5
SHA512

ccb98f36b004ad3e9eccede35ae31d28239350bdcff3dadc31775a4d1796814825cc0c6263e95402a73c18f70f91278c00784c419e3483aa08ab4ddd1e37e85c
SSDEEP

6144:oEntlXr0u0cD2Kh6ORAyV1vjxSplwNRrsOYLg4LLZ4z2ojPPWtwCEISgF2vs/Aa0:ft9S62W6OAybslwPrSEeLZz0PPW2d8d+

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/facb94b82b4d1836e7bf4d410f0e24afb93bf79b4caf8a5311880c5fcd82963f	upx

facb94b82b4d1836e7bf4d410f0e24afb93bf79b4caf8a5311880c5fcd82963f.zip
.zip

Password: threatbook
facb94b82b4d1836e7bf4d410f0e24afb93bf79b4caf8a5311880c5fcd82963f
.exe windows x86

Password: threatbook

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 383KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE