7d24a8e185800047d3549001265afd9882dd14e8b87741b0da5297fabaa0dd49[.]exe[.]zip

General

Target

7d24a8e185800047d3549001265afd9882dd14e8b87741b0da5297fabaa0dd49.exe.zip
Size

1.0MB
MD5

c4fd55328701f547e3e4a3cff6e1af6f
SHA1

3c32d72e2541f416bfd8126eb45130c2cd071991
SHA256

0f32d1b821c76dae8b5b913e1c816c7c71e7167d8fb903818d3337c61d1b81ea
SHA512

0aa8f5b83f79de89acd3cab58e7387f40c432121ee4d1a60345063d08788d22180788000ddfaa66763491c473e03090c3741672f0174c954adfa02c1805dc66f
SSDEEP

24576:X3gBg8k45Q5G6Gyx0X/0LaCRxKmdAFR60j6ZIz/WzH+xpq7JgOX:HgBg8k4iYzq0X/0LaAXdAFfj6ZBzexcD

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/7d24a8e185800047d3549001265afd9882dd14e8b87741b0da5297fabaa0dd49.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/7d24a8e185800047d3549001265afd9882dd14e8b87741b0da5297fabaa0dd49.exe

7d24a8e185800047d3549001265afd9882dd14e8b87741b0da5297fabaa0dd49.exe.zip
.zip

Password: infected
7d24a8e185800047d3549001265afd9882dd14e8b87741b0da5297fabaa0dd49.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 700KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE