8ab562b28b5259cd16e841eaa3aa36836dfa404844a72e41ba9a386e3fcb0bc8[.]exe[.]zip

General

Target

8ab562b28b5259cd16e841eaa3aa36836dfa404844a72e41ba9a386e3fcb0bc8.exe.zip
Size

1.6MB
MD5

035576699a6bc973654dc149a9c7eddb
SHA1

ab1d5dcef6b04442ecb80f7a066017d11b447dca
SHA256

e8c5c6675254663fdc0524207c0a3db88232b4b5f608989e0db5de1520c1f416
SHA512

5a6098e666adcd4111d80db0852d177c2ceadf8bc7fe9713c125b1ac1f4cc326e1e99a4f06126fdc8a93f51c6b3958d11afe861bf3f6f85dbd1c5314275421e5
SSDEEP

49152:4bAkCRWYGWWvP/UsHNzZaAOfynZDlfQZXyFHn2EyUIvYGCz:ZkCgYGWuEsfWanZxKXunXNz

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/8ab562b28b5259cd16e841eaa3aa36836dfa404844a72e41ba9a386e3fcb0bc8.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8ab562b28b5259cd16e841eaa3aa36836dfa404844a72e41ba9a386e3fcb0bc8.exe

8ab562b28b5259cd16e841eaa3aa36836dfa404844a72e41ba9a386e3fcb0bc8.exe.zip
.zip

Password: infected
8ab562b28b5259cd16e841eaa3aa36836dfa404844a72e41ba9a386e3fcb0bc8.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 224KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 133KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE