69d0fc4b63eee04366f2d1df6ea7b12f1e021b97721d15000b46e00be541e235[.]zip

General

Target

69d0fc4b63eee04366f2d1df6ea7b12f1e021b97721d15000b46e00be541e235.zip
Size

46KB
MD5

61a3378ed8a527e7d0ba280716d10dde
SHA1

df6aafdd276664f8b67bfb8ba5b15ed32bd44084
SHA256

53c6e8e8f5a829cfeeab3f93718fdce6d098f86193a38f07680b066432192fb9
SHA512

ac2876a935411d8d2daf7ab63fe071bb5f52e2fafa29670689ef442aaf8c4c2cf02f60fd33a7e4c27dd52de73285b27dc2aabbaed7063fa06722592b74fd4e86
SSDEEP

768:eJnCHvEq/2ARkrreQcNYN/OZTx8fmSKjPkfyh2GU58mB7xQTzbroK1emBpdDUWC:e1uvvpkrreQcQSx8RKjPkfdTnxQzrogy

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/69d0fc4b63eee04366f2d1df6ea7b12f1e021b97721d15000b46e00be541e235	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/69d0fc4b63eee04366f2d1df6ea7b12f1e021b97721d15000b46e00be541e235
unpack002/out.upx

69d0fc4b63eee04366f2d1df6ea7b12f1e021b97721d15000b46e00be541e235.zip
.zip

Password: threatbook
69d0fc4b63eee04366f2d1df6ea7b12f1e021b97721d15000b46e00be541e235
.exe windows x86

Password: threatbook

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 23.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 339B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 23.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE