f32360eee626d77dbab79d641dbbd2a145111c32ff8955be9f743b8090d35a7d[.]exe[.]zip

General

Target

f32360eee626d77dbab79d641dbbd2a145111c32ff8955be9f743b8090d35a7d.exe.zip
Size

111KB
MD5

8812d247d586e8db695352dae5ce69ae
SHA1

39fb8f2eef161133e0abf330f6945518c2723904
SHA256

1e932a7ba976baed4bfc9264b74a53be9bcd245d1affea04d34eb2af59e235ec
SHA512

75c2e6688325ee2783c70dc3da8c4089d9b79cc0e7784ce89cebfe1a482ffbc9862c86a0b29e4577e32f4f4383f0959b2e198ad01da50c495625edad9562808a
SSDEEP

1536:/7KGuJv3n0s8ENCzUIECvEy9oK668h1KiskjymRF9/c1hyAySTUf2poRsIwsUvmi:/WZv3n05EYRiK6661KcymOGAXm2poR63

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/f32360eee626d77dbab79d641dbbd2a145111c32ff8955be9f743b8090d35a7d.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f32360eee626d77dbab79d641dbbd2a145111c32ff8955be9f743b8090d35a7d.exe
unpack002/out.upx

f32360eee626d77dbab79d641dbbd2a145111c32ff8955be9f743b8090d35a7d.exe.zip
.zip

Password: infected
f32360eee626d77dbab79d641dbbd2a145111c32ff8955be9f743b8090d35a7d.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 204KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ