eabaa1f287bbc58656b80997e215a16c2aae01644f8bb46c2929f625266b6648[.]exe[.]zip

General

Target

eabaa1f287bbc58656b80997e215a16c2aae01644f8bb46c2929f625266b6648.exe.zip
Size

4.2MB
MD5

65a8d55112171506677bf2af93a2bfce
SHA1

489aa8c4aed44bcb5886e2d6a6794aacd097fe0f
SHA256

78937863b349a46166b1cc019932f2f68c369f9e93c003218ac60ed5b7bf3784
SHA512

a52257f4a8308645e26cf47c4b1d34199b029af82c7668eeeadd154f8221d5c9454d1309a3e96d2c7b766a24bd2e076abdf665b91f9a5f2428caa0c6b0162fee
SSDEEP

98304:rtQS8n29zjOmseggGlaxwhjbOGj25T/lO34X68Ck8XQ5WarJLMO:rGby5n43O9R/okmclFYO

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/eabaa1f287bbc58656b80997e215a16c2aae01644f8bb46c2929f625266b6648.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/eabaa1f287bbc58656b80997e215a16c2aae01644f8bb46c2929f625266b6648.exe

eabaa1f287bbc58656b80997e215a16c2aae01644f8bb46c2929f625266b6648.exe.zip
.zip

Password: infected
eabaa1f287bbc58656b80997e215a16c2aae01644f8bb46c2929f625266b6648.exe
.exe windows:1 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 13.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE