5a0f83c2d2146c50a96e72f918a9bf362667c337e209b1a9eae8a6fdc4e5dce6[.]exe[.]zip

General

Target

5a0f83c2d2146c50a96e72f918a9bf362667c337e209b1a9eae8a6fdc4e5dce6.exe.zip
Size

143KB
MD5

147db5ac111b3e9d18434545645f4622
SHA1

64bcbf1dc84743474b427157632f6e57849a2cc7
SHA256

4d402e7cef0b33a2eb74e43b4b66523da70c58069125fa3d987978f018c4ebd6
SHA512

69cfd843dda9eed1907e36be3f8b46006573dc0d6a1e598a294cefd40cc1d838664cc4624067dea91b9896b1ffe69e8bcb302e0afb14db5c1405246d9fcf4ca2
SSDEEP

3072:xTlKFk8fpPgkDVnmtP9CdipiUn+avj+/P4GidB8P1Gojty:YnJgYiw/P4L8zjY

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/5a0f83c2d2146c50a96e72f918a9bf362667c337e209b1a9eae8a6fdc4e5dce6.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5a0f83c2d2146c50a96e72f918a9bf362667c337e209b1a9eae8a6fdc4e5dce6.exe

5a0f83c2d2146c50a96e72f918a9bf362667c337e209b1a9eae8a6fdc4e5dce6.exe.zip
.zip

Password: infected
5a0f83c2d2146c50a96e72f918a9bf362667c337e209b1a9eae8a6fdc4e5dce6.exe
.exe windows:1 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 256KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 143KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE