a44a3911b961abfe70fa83dd51f12a6e1a874d278c473979ab4208cdc049f1a6[.]exe[.]zip

General

Target

a44a3911b961abfe70fa83dd51f12a6e1a874d278c473979ab4208cdc049f1a6.exe.zip
Size

477KB
MD5

dda446d1f64b3707d934c8f5dddb1980
SHA1

c1b99128150956efea04411e148be50f8e29a592
SHA256

b8547428b34d2af2e8abb25edfd85b1bb8cc56b5ca6534922254f9ea6b4ed1f5
SHA512

a50535c1485de159e9e90929e12bd44df4f27f55b533c7f3dd357ab3921daa03dade93595a4b752ff190e219e0db179c0fff66faf14bdf6d3278a0380e5b9e96
SSDEEP

12288:jTKvNuQ7VKIPpNSmIvqodg+Im83tAEd0p:yvZV7xNncq4g+u3N0p

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/a44a3911b961abfe70fa83dd51f12a6e1a874d278c473979ab4208cdc049f1a6.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a44a3911b961abfe70fa83dd51f12a6e1a874d278c473979ab4208cdc049f1a6.exe

a44a3911b961abfe70fa83dd51f12a6e1a874d278c473979ab4208cdc049f1a6.exe.zip
.zip

Password: infected
a44a3911b961abfe70fa83dd51f12a6e1a874d278c473979ab4208cdc049f1a6.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 696KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 373KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE