8835e42a0c6ba563a9f03271a12a315cc1bd430a7b21bbef51be21490f738efa[.]exe[.]zip

General

Target

8835e42a0c6ba563a9f03271a12a315cc1bd430a7b21bbef51be21490f738efa.exe.zip
Size

1.0MB
MD5

959570c5c959c19aedc6a0ef316996e3
SHA1

7cd552369497d79c888850f17662ce848d175559
SHA256

07a5ee1da00df89e0142d9f7c918888c5a3f39e7baf8f240498d92a30189387f
SHA512

42278cc17e3833c9a03f423f17f544286ecec92e27899a06862a40802b1eb60f9eb8097d4758f24a058dcd1283190a2cfba1c085798a12e08aecb51c4f4d0118
SSDEEP

24576:yNv6RWRneT9dAQJS3eZ1xWc4Y0bFobZRsvVXUiPYSnFvd2:06IRnceQJoezwLibZRsF/Vk

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/8835e42a0c6ba563a9f03271a12a315cc1bd430a7b21bbef51be21490f738efa.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8835e42a0c6ba563a9f03271a12a315cc1bd430a7b21bbef51be21490f738efa.exe

8835e42a0c6ba563a9f03271a12a315cc1bd430a7b21bbef51be21490f738efa.exe.zip
.zip

Password: infected
8835e42a0c6ba563a9f03271a12a315cc1bd430a7b21bbef51be21490f738efa.exe
.exe windows:1 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 216KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE