d64dbc0f798716f09aaf87e6c98401e19d23ee8bfa69c1274f8fe865731cfb7c[.]exe[.]zip

General

Target

d64dbc0f798716f09aaf87e6c98401e19d23ee8bfa69c1274f8fe865731cfb7c.exe.zip
Size

477KB
MD5

818d672adc5b46f4fb86e14298065a8c
SHA1

3ab4a5f513784c33af84b136a209c69f9180c695
SHA256

5fffeae6496369e9f38dc3d9fdf27841e45cf4342e527592e486ed89e9886a00
SHA512

c781a2ff495c6fd1e7e4333d9ddce1bf2fbf167ee38f45b94a72ecf08a4a9020d43237855627de048ce767d21bec4ca0bd0840a504bbf1a31d83a1c4e1191417
SSDEEP

12288:aIsT3kAxtR5egkcvqB1XZgxevhNtuqxXIRMXA:2jfLegkBrXZQeISIRMQ

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/d64dbc0f798716f09aaf87e6c98401e19d23ee8bfa69c1274f8fe865731cfb7c.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d64dbc0f798716f09aaf87e6c98401e19d23ee8bfa69c1274f8fe865731cfb7c.exe

d64dbc0f798716f09aaf87e6c98401e19d23ee8bfa69c1274f8fe865731cfb7c.exe.zip
.zip

Password: infected
d64dbc0f798716f09aaf87e6c98401e19d23ee8bfa69c1274f8fe865731cfb7c.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 696KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 373KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE