3924cd917ecc4310e2a88505cf0ddf308ccd053244ead40327747e85cf01fd93[.]zip

General

Target

3924cd917ecc4310e2a88505cf0ddf308ccd053244ead40327747e85cf01fd93.zip
Size

2.0MB
MD5

b625080686782664629f208d1be3fb4d
SHA1

33b3f38d5e45d55a39fb3f2b3e0f223e4954a97d
SHA256

151ec285a259842ff70321d675421945eece0c3d48c6189e26222c55f6481ed9
SHA512

7978eb345b76c6383187f87f7f69aca4c8c73e0f5f01b52448a5dbe89152e9f515922c5b3da0af551d15705196523878081ee7a2849805228c685e1cc082a856
SSDEEP

49152:WNyTPvgCwaPowfY5piQ3tJ8bcph+NBaIwjQq+1i6ohLq2BW8Ce:ky7YCXN3Qkq+MY4LvBUe

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
static1/unpack001/3924cd917ecc4310e2a88505cf0ddf308ccd053244ead40327747e85cf01fd93	upx

3924cd917ecc4310e2a88505cf0ddf308ccd053244ead40327747e85cf01fd93.zip
.zip

Password: infected
3924cd917ecc4310e2a88505cf0ddf308ccd053244ead40327747e85cf01fd93
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 652KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE