9d516c10fbc4b06f02c5ca1b94e7858e1c03c937e23a6a92cc77aad1a98f1de0[.]exe[.]zip

General

Target

9d516c10fbc4b06f02c5ca1b94e7858e1c03c937e23a6a92cc77aad1a98f1de0.exe.zip
Size

3.5MB
MD5

15b88f2f0841b709b53a2e752016c459
SHA1

e4c444f78a68869637580973ffcec128bfd68ee9
SHA256

03edbbabdab6241a62d2b2bdaaa55e02e392be944613bfd7417274663f254dfb
SHA512

c039863aca9730d1ab1a75010a1e0232f5cdf6f58ed157eef19e02998e9fa6d6134e3907584c9d483a3694f15a63c9c48e72abc2b83ca240f137b5fd6088b51e
SSDEEP

98304:04dEBSFUtKBazSFpJ+L5cnJhp7XrzqMtymgoYuktzna:pEBSutKUu7+LynF7XrfIhuOa

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/9d516c10fbc4b06f02c5ca1b94e7858e1c03c937e23a6a92cc77aad1a98f1de0.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/9d516c10fbc4b06f02c5ca1b94e7858e1c03c937e23a6a92cc77aad1a98f1de0.exe

9d516c10fbc4b06f02c5ca1b94e7858e1c03c937e23a6a92cc77aad1a98f1de0.exe.zip
.zip

Password: infected
9d516c10fbc4b06f02c5ca1b94e7858e1c03c937e23a6a92cc77aad1a98f1de0.exe
.exe windows:5 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 11.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE