a2ca120e9a92a81447fd7d23274dab3aa10994e8f8637a70a44aa63265bd3a80[.]exe[.]zip

General

Target

a2ca120e9a92a81447fd7d23274dab3aa10994e8f8637a70a44aa63265bd3a80.exe.zip
Size

292KB
MD5

d9d0943fb8b64b7a36d75a29facabcd9
SHA1

c933018b0c5857a9aaf4a20f1b75a886dc36a4f8
SHA256

b167d2a16546df848f18df9530939e38e7d1b4d56b3e36757f45c1fce02bfd47
SHA512

a38a213e2c6952a60001a191781f9e9ebd89b74ef9491e88cbb603647851a42689434b4f263569d6736c78ed45a1f1e0a33eb9c1234fffd8e70df0695617bc51
SSDEEP

6144:4ECkjnA/nX24tkK1CsZYCgwIvZW7gS1FamVhWkiK7z19fh+iJK/i5Dwx38blF48j:4Cyl1CsZswqZW7gRmVnHfhpK/KA8g8j

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/a2ca120e9a92a81447fd7d23274dab3aa10994e8f8637a70a44aa63265bd3a80.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a2ca120e9a92a81447fd7d23274dab3aa10994e8f8637a70a44aa63265bd3a80.exe
unpack002/out.upx

a2ca120e9a92a81447fd7d23274dab3aa10994e8f8637a70a44aa63265bd3a80.exe.zip
.zip

Password: infected
a2ca120e9a92a81447fd7d23274dab3aa10994e8f8637a70a44aa63265bd3a80.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 576KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 230KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 468KB - Virtual size: 467KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ