3885947f92e29efda5b99462e34730a916d302802bb74916651d4b41753d621f[.]zip

General

Target

3885947f92e29efda5b99462e34730a916d302802bb74916651d4b41753d621f.zip
Size

2.2MB
MD5

f33684f7e00199a8864b65776a5df500
SHA1

ff53955371c6e36bf69988befafbefefa9e0cb37
SHA256

db5d969ed82a8f31442e9e80fbe8f3bb931b9aea5d130a7347b1e7fd3aabb1dd
SHA512

f868f49b8371e7c9d59e67b8323513abe93a3b2c1510c5f9636e9c01933d32d040056a6a15467c5122ddb25b4b8211e1878210b2aaf4251d18807e997f02bfa0
SSDEEP

49152:1w6bd8HQCMQfecMYBIjwuPKIX3nMI/vMunZmWJUNoqthBNCLv+:172QLQ27YBIjpCPUv7nQJthBNE+

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/3885947f92e29efda5b99462e34730a916d302802bb74916651d4b41753d621f	upx

3885947f92e29efda5b99462e34730a916d302802bb74916651d4b41753d621f.zip
.zip

Password: infected
3885947f92e29efda5b99462e34730a916d302802bb74916651d4b41753d621f
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 5.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE