11378218825[.]zip | Triage

Sharing

General

Target

11378218825.zip
Size

31.8MB
MD5

e512dc343048945c1fca927fb1bed5be
SHA1

84b1d182e99ef7bb0adfa2a7b067ee5aa25fc392
SHA256

e3c5abdb88944bfecb82d94034fe5b7e7d630cf0c014b20b297c1ee8ca2d95b9
SHA512

17c1b91458f1916c404ce29837eb38d9b233992c8a94d2992418ca2e6c97762130dc58a12063627ef03fb2695200310e91f3b0ca1fe17e29fe970a74f58571f4
SSDEEP

786432:x1061AVolncaMMJySXRmPpP83KOYALsiwQjQQQTgItCwfTnNEt:PH2VoJvMMEQV35Y9iwQ0guo

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/aca3e4107fe55d58ebbba9acbfe2b80474e50d086724eb999c5320df30bca9f6	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/aca3e4107fe55d58ebbba9acbfe2b80474e50d086724eb999c5320df30bca9f6

Files

11378218825.zip
.zip

Password: infected
aca3e4107fe55d58ebbba9acbfe2b80474e50d086724eb999c5320df30bca9f6
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 151.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 33.6MB - Virtual size: 33.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE