b72ef447da12798e2bb31945e0e8a5743a6de841629073095647ff5fd5133012[.]exe[.]zip

General

Target

b72ef447da12798e2bb31945e0e8a5743a6de841629073095647ff5fd5133012.exe.zip
Size

934KB
MD5

02e343c011cdd4fc90d4122627e4e4f3
SHA1

908a4dc340597e99b6a2b6ba342da60c5efc4576
SHA256

277930de1af345a26ab6ef308bb70bf4f570d849d2152b77f3369d24b946b6a5
SHA512

8f1a46935082ae272800a54090cc348b58771aa58e67822fdeac0931aa5e60e01104014716ebea70ecb4d39b5d54507b12c473bc20ff4b5c75f8c618964b2212
SSDEEP

24576:lq2vOLv/SQTAofXTq9icb9d/pPHdfJuP0aplo+ncJ7EI4:lq2v9Q//TEiCd/5WP0afPxR

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/b72ef447da12798e2bb31945e0e8a5743a6de841629073095647ff5fd5133012.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b72ef447da12798e2bb31945e0e8a5743a6de841629073095647ff5fd5133012.exe

b72ef447da12798e2bb31945e0e8a5743a6de841629073095647ff5fd5133012.exe.zip
.zip

Password: infected
b72ef447da12798e2bb31945e0e8a5743a6de841629073095647ff5fd5133012.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 708KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 946KB - Virtual size: 948KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE