065bb2182303f497e0adbb4409cc0680658a49fdbaf4bc09ea8bae96be17842b[.]exe[.]zip

General

Target

065bb2182303f497e0adbb4409cc0680658a49fdbaf4bc09ea8bae96be17842b.exe.zip
Size

147KB
MD5

80c8cf674d1cf3afd5b81394b7959182
SHA1

8ca082f72502c276550ec787cd6a242123973e9e
SHA256

4e82a94ac12d06931cdb40fe8199fb0d55ff3f68521a3b9d5a91bdecf8f537f7
SHA512

d122241ec9267ef67b9996e0e30664de8be5dacef372c34fbe704b69a33c90fdb8398594eeee1efd73b7cfaea1966ad1b1b86dfb27262c7e72886164cd35fd14
SSDEEP

3072:lq6t1pS6nv/xiUTK+Uox89iQ1qrJqjeiKliNbbJ8hWi:lqKft3xd89iTrciVliN/OhWi

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/065bb2182303f497e0adbb4409cc0680658a49fdbaf4bc09ea8bae96be17842b.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/065bb2182303f497e0adbb4409cc0680658a49fdbaf4bc09ea8bae96be17842b.exe

065bb2182303f497e0adbb4409cc0680658a49fdbaf4bc09ea8bae96be17842b.exe.zip
.zip

Password: infected
065bb2182303f497e0adbb4409cc0680658a49fdbaf4bc09ea8bae96be17842b.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 396KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE