6a6eee8046ddbbd154179d4fa7855d93ae6f9e7edcb19138a833a578db4d5e1d[.]exe[.]zip

General

Target

6a6eee8046ddbbd154179d4fa7855d93ae6f9e7edcb19138a833a578db4d5e1d.exe.zip
Size

93.9MB
MD5

22cf8116b4f23bce2e4f0105734aa24d
SHA1

20bf7c9e35c4dcf152f4a2400ee9d8319ec2e00c
SHA256

b94317c74deb4d5b691bc8f8f705f7ee4e4906a0b2dd2fb83c694484609cf8d8
SHA512

e900291f2c00c406b53261eb789b5ec9e9e9dc56cb6aa8e2795e6c90e770d13737fbf453d4567256206098e2a6e072998e9702644a9133be684a8ae8d0fe0d04
SSDEEP

1572864:Qb5hr5wMHYmPZUcoTCurMiHNmiKXVavcISURSku6fDm107dwPfObar+awH5QV1R2:QZwsYmPa534mMHkVm102yaXfLLol9

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/6a6eee8046ddbbd154179d4fa7855d93ae6f9e7edcb19138a833a578db4d5e1d.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/6a6eee8046ddbbd154179d4fa7855d93ae6f9e7edcb19138a833a578db4d5e1d.exe

6a6eee8046ddbbd154179d4fa7855d93ae6f9e7edcb19138a833a578db4d5e1d.exe.zip
.zip

Password: infected
6a6eee8046ddbbd154179d4fa7855d93ae6f9e7edcb19138a833a578db4d5e1d.exe
.exe windows:1 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 284KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 133KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE