a24a01b22aa37da8795e7ccacfc5a055187b52cdc29a2330c733dbf7b33756d1[.]exe[.]zip

General

Target

a24a01b22aa37da8795e7ccacfc5a055187b52cdc29a2330c733dbf7b33756d1.exe.zip
Size

313KB
MD5

7fe5da4baa572fa504e510315be28b89
SHA1

c0b76f23c33c03923e373bab4aa935be5ac196c9
SHA256

c0e5af4fe5b37cf9344974d8479c0768345a93a9c2456653d6241f6aeaa413fd
SHA512

411a63535f5912dfd7a275fe37b745aafd36c221ea7944233acd16dea924c14d4cf424ee3264506d9fbf3b162771f57c86a8358093c1014ccc021bab034af7e3
SSDEEP

6144:W0CWymF39oJV6PnpHEhrEwFcrYatlDJUVDdL1sGtFPGx6NWlcKk1i7:W0CWyy39oLOHEhrEwFcrFDJEZTPQkoH7

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/a24a01b22aa37da8795e7ccacfc5a055187b52cdc29a2330c733dbf7b33756d1.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a24a01b22aa37da8795e7ccacfc5a055187b52cdc29a2330c733dbf7b33756d1.exe
unpack002/out.upx

Files

a24a01b22aa37da8795e7ccacfc5a055187b52cdc29a2330c733dbf7b33756d1.exe.zip
.zip

Password: infected
a24a01b22aa37da8795e7ccacfc5a055187b52cdc29a2330c733dbf7b33756d1.exe
.exe windows:1 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 580KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 311KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:1 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 683KB - Virtual size: 682KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 580KB

UPX1 Size: 311KB - Virtual size: 312KB

.rsrc Size: 10KB - Virtual size: 12KB

Headers

File Characteristics

Sections

CODE Size: 683KB - Virtual size: 682KB

DATA Size: 7KB - Virtual size: 7KB

BSS Size: - Virtual size: 2KB

.idata Size: 10KB - Virtual size: 9KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 37KB - Virtual size: 36KB

.rsrc Size: 124KB - Virtual size: 124KB

UPX0
Size: - Virtual size: 580KB

UPX1
Size: 311KB - Virtual size: 312KB

.rsrc
Size: 10KB - Virtual size: 12KB

CODE
Size: 683KB - Virtual size: 682KB

DATA
Size: 7KB - Virtual size: 7KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 10KB - Virtual size: 9KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 37KB - Virtual size: 36KB

.rsrc
Size: 124KB - Virtual size: 124KB