9be349a73eaf8c768f2d1db0fdb8011c7ff9013df5f88c81a6e488605d3bc8dc[.]exe[.]zip

General

Target

9be349a73eaf8c768f2d1db0fdb8011c7ff9013df5f88c81a6e488605d3bc8dc.exe.zip
Size

476KB
MD5

934d5b91240fd93986fd02f69a40f4b7
SHA1

d07347761b7a62b96c1eb1a395439d2dd306d718
SHA256

1027f1da5824eca535973b1c51aa4afef29eb0dee08ddb428cd892dc6964fdd4
SHA512

3cd892bb108da7507b804a2a44783bc0e6f3c135ccfef38e14959a250a4ee199b06ee70bdb4d16e1a38addca0b2838360d2f66f8852db873994dc2212d991cc9
SSDEEP

12288:ON9aFdviM5zDd9qFP5KLcFb/5aWVAQKnGNX9G7HM:2Jsd9qFP0cPGQcS9G7s

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/9be349a73eaf8c768f2d1db0fdb8011c7ff9013df5f88c81a6e488605d3bc8dc.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/9be349a73eaf8c768f2d1db0fdb8011c7ff9013df5f88c81a6e488605d3bc8dc.exe

9be349a73eaf8c768f2d1db0fdb8011c7ff9013df5f88c81a6e488605d3bc8dc.exe.zip
.zip

Password: infected
9be349a73eaf8c768f2d1db0fdb8011c7ff9013df5f88c81a6e488605d3bc8dc.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 696KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 373KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE