eedd24769ce49020f0cadc271f9de025134f1c04fbe48b6db076dccbb5f4f53d[.]exe[.]zip

General

Target

eedd24769ce49020f0cadc271f9de025134f1c04fbe48b6db076dccbb5f4f53d.exe.zip
Size

158KB
MD5

7204018d5e1b9b32eec8a553bff87b85
SHA1

b8c64cd297bd42692f1394570af496f68850c672
SHA256

813a3970ac6a0ace92fbad933057d905c9c0df04f400fa63c1354607c8a6098f
SHA512

1d054ca0931e84d1ad1001e0f0fa3049a8f984d6804be765e7745c615480815420010657401b91539ecf381cdc5e7e782321b1ed1d698d01e0ca743dda065662
SSDEEP

3072:Q6tOIrn8vhxptMPOEZ2NAS5EMQI7byO8VHYb1ajJ0IZ7EWR/VeA9DGNzYDFvEra9:Q6t9Sh5iOEZ9YEMP7X8VHxJ05WRgAgNe

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/eedd24769ce49020f0cadc271f9de025134f1c04fbe48b6db076dccbb5f4f53d.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/eedd24769ce49020f0cadc271f9de025134f1c04fbe48b6db076dccbb5f4f53d.exe

eedd24769ce49020f0cadc271f9de025134f1c04fbe48b6db076dccbb5f4f53d.exe.zip
.zip

Password: infected
eedd24769ce49020f0cadc271f9de025134f1c04fbe48b6db076dccbb5f4f53d.exe
.exe windows:1 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 296KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 158KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE