46a05fe91b5be8251fe243f74288a37e085146fc4d9245173069600525693143[.]exe[.]zip

General

Target

46a05fe91b5be8251fe243f74288a37e085146fc4d9245173069600525693143.exe.zip
Size

652KB
MD5

33bc6459961d7f3cf15e1a702a85c6ad
SHA1

ae39dfa0816cb90dc43db3c2635f5bedaff7187c
SHA256

44496d85734257467018e9a0106f4e2eb8e35f5fb1b6ab45813e436f083436ac
SHA512

30f72359226464b6c24f6f86325c0546d2f8bb3909606368699da983e0b0d34c34fbc71aa2ca9bc38498acaa81101df174b04fc1b3bd606f820f4df9fa8e70bc
SSDEEP

12288:hkl2lxwCLGm8vJkD8GBivNstgOqR7HJ4TvDdkpQ2IaRP46FT9zODmucbHLWA70:hkl2jbamJ8GBi8gOqRCTb+Q2zt46FTVQ

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/46a05fe91b5be8251fe243f74288a37e085146fc4d9245173069600525693143.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/46a05fe91b5be8251fe243f74288a37e085146fc4d9245173069600525693143.exe

46a05fe91b5be8251fe243f74288a37e085146fc4d9245173069600525693143.exe.zip
.zip

Password: infected
46a05fe91b5be8251fe243f74288a37e085146fc4d9245173069600525693143.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 956KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 634KB - Virtual size: 636KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 162KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE