8bd7b737cca3d6c86855d192fdca6ae38166a8e5a02d02fe0b1d04eb31147203[.]exe[.]zip

General

Target

8bd7b737cca3d6c86855d192fdca6ae38166a8e5a02d02fe0b1d04eb31147203.exe.zip
Size

3.9MB
MD5

56482c53fc47ed059e8fd0c67e944a6e
SHA1

0825709b848f304ccc0141c4e115e1372416bbb5
SHA256

cb5a1e19ed7860d59526597093ef696050595c437fe326b1c2c709994b21bfd2
SHA512

3044fffef6fb7d7e0967f1bfde21770066e25b3f03493243c7931cbc2d85becbdf1915b68cf2baefdc2cefefd8a0ac2599855d402afe23b6f7af95e9fe354a66
SSDEEP

98304:qJOSrPxVyRDEB26gYYl4HeTTyr3N+vanmq4NWhDnU:8xoZEBLgYYuHeTOovmmFmDU

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/8bd7b737cca3d6c86855d192fdca6ae38166a8e5a02d02fe0b1d04eb31147203.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8bd7b737cca3d6c86855d192fdca6ae38166a8e5a02d02fe0b1d04eb31147203.exe

8bd7b737cca3d6c86855d192fdca6ae38166a8e5a02d02fe0b1d04eb31147203.exe.zip
.zip

Password: infected
8bd7b737cca3d6c86855d192fdca6ae38166a8e5a02d02fe0b1d04eb31147203.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 12.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE