d1952c8c68ba9c7a1b69b39fac28e1350d74373929e87e11576d0d79bbceb00f[.]zip

General

Target

d1952c8c68ba9c7a1b69b39fac28e1350d74373929e87e11576d0d79bbceb00f.zip
Size

360KB
MD5

97512d7d6f5cb00f5619452461b542ad
SHA1

51e50615b4cbda3182ac7cd666f8073a8eefffdc
SHA256

30ba84b9b9bd9b7a1f57ae525d3fab52547d37e7ca20f87e71d169e482697365
SHA512

26b478b6f5208580dd9aeece969a45f004ecc4c07d9135ecc2c04efabff6b6ef7e7f6eb2c0fc8a163a94f33811175849d2ebf43b93c092e049d2fbdf858593dd
SSDEEP

6144:N2TIHn+QYMxdws2M9uNTO9K4l6TZox77byXURdk4h6tSDdarJ4RKvGGOnI8Aqu17:GInFYqwRMma9LU1ox77byXouBs8iRbT2

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/d1952c8c68ba9c7a1b69b39fac28e1350d74373929e87e11576d0d79bbceb00f	upx

d1952c8c68ba9c7a1b69b39fac28e1350d74373929e87e11576d0d79bbceb00f.zip
.zip

Password: threatbook
d1952c8c68ba9c7a1b69b39fac28e1350d74373929e87e11576d0d79bbceb00f
.exe windows x86

Password: threatbook

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 760KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 383KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ