77c520bfbe40809bdd365e545e044b0d5f16fd027efebac30442530673b08d9f[.]exe[.]zip

General

Target

77c520bfbe40809bdd365e545e044b0d5f16fd027efebac30442530673b08d9f.exe.zip
Size

1.2MB
MD5

5cbc6708ac3a78049590a651c0ddc8d1
SHA1

b84df92f76bd8c539a53ceb32dd81a8caf81378a
SHA256

5d0e7df9ee17c9feccd85802c8140d9d1ced9e08b1a6480413aea966c43f19a6
SHA512

c9f4072bd5292d4176b7c18c51896908300231b589e7d9f5c0a353fddb57a984bc3e68d44710e5b6503bfb95e191ff3bb041f27323d2396a003a5c5836ad2f78
SSDEEP

24576:P9YpCLA2As7IhsPQqeEF8bl6ZupOOkLIUIveOCMSNS6:PypVks2Ire8i8OOGECMt6

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/77c520bfbe40809bdd365e545e044b0d5f16fd027efebac30442530673b08d9f.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/77c520bfbe40809bdd365e545e044b0d5f16fd027efebac30442530673b08d9f.exe

77c520bfbe40809bdd365e545e044b0d5f16fd027efebac30442530673b08d9f.exe.zip
.zip

Password: infected
77c520bfbe40809bdd365e545e044b0d5f16fd027efebac30442530673b08d9f.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE