4419ee4e2881a0314f8f3b6bc3dc8814fd399f819be23b26d2d139e4055a3232[.]exe[.]zip

General

Target

4419ee4e2881a0314f8f3b6bc3dc8814fd399f819be23b26d2d139e4055a3232.exe.zip
Size

39KB
MD5

6d9108f9242dc4b4870289e83bd1c091
SHA1

b76fd94d8c734b8dbe0287e3afb6ea0ed9ac2a16
SHA256

9ab9c9ccfb84c645b7d335e017ccabec431c972666da80b5f4cf1f28b233bbdc
SHA512

9fa9d0b7406e63958f38e8cff28cc4582b5b4d36c9c9165b3e236bd0088d72dffa35b885d14ca7096ad2e38ae534ca4dc09257ffd7a313c2db03fda42ed4b8e7
SSDEEP

768:iTKPl7xV0crtauZJpjgLPOPWPl+bfKwqe/cfC9CJOSOHTj:iWpXIQWPI2wLkzWzj

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/4419ee4e2881a0314f8f3b6bc3dc8814fd399f819be23b26d2d139e4055a3232.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/4419ee4e2881a0314f8f3b6bc3dc8814fd399f819be23b26d2d139e4055a3232.exe

4419ee4e2881a0314f8f3b6bc3dc8814fd399f819be23b26d2d139e4055a3232.exe.zip
.zip

Password: infected
4419ee4e2881a0314f8f3b6bc3dc8814fd399f819be23b26d2d139e4055a3232.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE