2a18f5a009d9e2320aef0f601aae37b24c50100446dcd0c5b6661b4af0cf2fda[.]exe[.]zip

General

Target

2a18f5a009d9e2320aef0f601aae37b24c50100446dcd0c5b6661b4af0cf2fda.exe.zip
Size

477KB
MD5

f8e07a4fe1c314a1b44f51695ece6501
SHA1

fa6a4dde12138476ea25d7920053eb273d20594b
SHA256

9056691881d8368047a44530a8b49f32fd7b7f86ee2c3a9b8204b71293dc96bb
SHA512

b5eaaae0cc4baaa4d44bf6eae8261c93f888091a3f89b36f2e2d2c581b70a82a8b266ccb8a0c1f28c19dfc3ee90c5f26b868aa7f3cfd64f98556686edd73da53
SSDEEP

12288:hUFKkme7aR9Ea/PN/s+sUGvP7FdfcyPt0PBHexv9jHZd4S:e05e7EN/PNheB/I0xljj

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/2a18f5a009d9e2320aef0f601aae37b24c50100446dcd0c5b6661b4af0cf2fda.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2a18f5a009d9e2320aef0f601aae37b24c50100446dcd0c5b6661b4af0cf2fda.exe

2a18f5a009d9e2320aef0f601aae37b24c50100446dcd0c5b6661b4af0cf2fda.exe.zip
.zip

Password: infected
2a18f5a009d9e2320aef0f601aae37b24c50100446dcd0c5b6661b4af0cf2fda.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 696KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 373KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE