240883290c94c74905b4512cd2631c5fa68c95beb90a8e4580c5f195c8d1ac6a[.]exe[.]zip

General

Target

240883290c94c74905b4512cd2631c5fa68c95beb90a8e4580c5f195c8d1ac6a.exe.zip
Size

114KB
MD5

87fea10aee6036dd625a1115290745e6
SHA1

0c66f1eb38700361c2b2508c9ecac95e8cb5bec1
SHA256

a1f43bebeb4d17ee87e72b245aa1e675e44b92e2b1e394f74e0e302a5f2d1d91
SHA512

2a3c6f40ccae710dea0da42a8ab2ae148047648a26fb82f01d10aaedd0fb27462479bbc5d9e43a6601e98a9a5d1b654ec5af0249a5a5958005eefc4d9d0bfaa0
SSDEEP

1536:pAJpcI1W7L1KDSjviKkLUTBtvgwvrm5DKT2KhlBT7tv0I4j3TD0gYFiDtFVh+tRQ:G7cIE1OSjUQT7gB1UlNaJj3f0gYFiFIQ

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/240883290c94c74905b4512cd2631c5fa68c95beb90a8e4580c5f195c8d1ac6a.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/240883290c94c74905b4512cd2631c5fa68c95beb90a8e4580c5f195c8d1ac6a.exe
unpack002/out.upx

240883290c94c74905b4512cd2631c5fa68c95beb90a8e4580c5f195c8d1ac6a.exe.zip
.zip

Password: infected
240883290c94c74905b4512cd2631c5fa68c95beb90a8e4580c5f195c8d1ac6a.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 164KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ