88262a78ce91985653afffc74d9938050e56113840efbc67ee98eb9483fe1f22[.]zip

General

Target

88262a78ce91985653afffc74d9938050e56113840efbc67ee98eb9483fe1f22.zip
Size

536KB
MD5

2c2fa1b02f376733d497c71cf8ab7569
SHA1

f9f36beb9943a2764628032903538da159b0ffc0
SHA256

d692d80aed25af64e1f42d2bddacb48d91b5ddd2fc017a6eaf4ce551b8dc0bcd
SHA512

077194fecea98c286cbe85b660bf9e761aecb1e1d34578fcc4d3085e2ed1847e9363bf7d6b584e6c2ff970087d187650529b25ae4bc8f35febfaef222196b52b
SSDEEP

12288:wBBrh3FuCX5B1AOrOMnwfzW5MOXEXe/C2l3q0xG/lEyUY:wBrhVrrvO8kz8EXe/CU/Gt

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/88262a78ce91985653afffc74d9938050e56113840efbc67ee98eb9483fe1f22.exe	upx

88262a78ce91985653afffc74d9938050e56113840efbc67ee98eb9483fe1f22.zip
.zip

Password: infected
88262a78ce91985653afffc74d9938050e56113840efbc67ee98eb9483fe1f22.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 864KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 537KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE