06c48ef8a0b5f620c6b6e306afdd769e5fe55266260351c55e40f38a1a8ad405[.]exe[.]zip

General

Target

06c48ef8a0b5f620c6b6e306afdd769e5fe55266260351c55e40f38a1a8ad405.exe.zip
Size

162KB
MD5

fe870352037ad75e5e49c42038d23237
SHA1

1017d505f4d6ceed309af5ef15296683aa873c88
SHA256

175f150dfb87a06f2a9798902fd20311dd2ec9ed43a12ef2e0d8d80bc689ece7
SHA512

af54d424bd4917ead666356a83bb9e634c5e6a9ea4a48f022436befb4ab432893af3565deb284e149c38d815302c74457b8735533089f687b67676fca1ba5cd5
SSDEEP

3072:0Z4tg5Jw6MAz7NVS2CWbciIuMkTnPciuXuq5SIfp4/ewvXbRbafvcMu:0Z4tg56VAPkWbj1Mk7Pdue0h4/egXbRF

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/06c48ef8a0b5f620c6b6e306afdd769e5fe55266260351c55e40f38a1a8ad405.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/06c48ef8a0b5f620c6b6e306afdd769e5fe55266260351c55e40f38a1a8ad405.exe
unpack002/out.upx

06c48ef8a0b5f620c6b6e306afdd769e5fe55266260351c55e40f38a1a8ad405.exe.zip
.zip

Password: infected
06c48ef8a0b5f620c6b6e306afdd769e5fe55266260351c55e40f38a1a8ad405.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 520KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 135KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 258KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 193KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE