f46b22b0f4e301123e9901d42a32e3ececa1d7839e99a5af6d6470ee45f15651[.]exe[.]zip

General

Target

f46b22b0f4e301123e9901d42a32e3ececa1d7839e99a5af6d6470ee45f15651.exe.zip
Size

634KB
MD5

70de5bafb68c225be58a99f0ced737db
SHA1

356128831d0d5af1b0db3d2368e2c38fa560270c
SHA256

24c8abb71965ffcee3c666d85c4d9ac6c93ee3424c5b82e3231aa724eed72fa8
SHA512

f9bd11e9830a1f87d0d310d19d1f19b090318f005d89916e4d637c66d40340cbb0b72988424bf24e26be77c1ced5d4099049b2bfc3f3b4331e6bf2e391ad4b80
SSDEEP

12288:9D3LSVRFmYxBGDgIDiXqitzK5xix5CtKg8IX9LZTxpNz+K8Rk/B:9/cmYjGDcvzKMCB9tT9S1RGB

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/f46b22b0f4e301123e9901d42a32e3ececa1d7839e99a5af6d6470ee45f15651.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f46b22b0f4e301123e9901d42a32e3ececa1d7839e99a5af6d6470ee45f15651.exe

f46b22b0f4e301123e9901d42a32e3ececa1d7839e99a5af6d6470ee45f15651.exe.zip
.zip

Password: infected
f46b22b0f4e301123e9901d42a32e3ececa1d7839e99a5af6d6470ee45f15651.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 635KB - Virtual size: 636KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE