35774c7a85d175f6c1bf16842ae706ddbffc8755d5d09350ce4dac1c4020cac9[.]exe[.]zip

General

Target

35774c7a85d175f6c1bf16842ae706ddbffc8755d5d09350ce4dac1c4020cac9.exe.zip
Size

18.1MB
MD5

19f5d9a226733ac804f08bf322dc45aa
SHA1

0f1d2d62f52ed539c04e78fc97777cab32a1a8e8
SHA256

33c9a945f9ce9ac22327311d47275ae2ca23d0eae2fa719e8308344af8a2c6eb
SHA512

d444142a69a7c5e7820d9525c246742ce746214e94885f1df286e9290b31b01787dfc989c436d6919d71fe1c2828206934a37eef10f7e30b0ccf19a9580d2ce5
SSDEEP

393216:ztodnUQbad/HCMWPqJFql/QV5KT+U2kGu1l2WBGO:qnNqHwGqlQVwCzkGEkWBGO

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/35774c7a85d175f6c1bf16842ae706ddbffc8755d5d09350ce4dac1c4020cac9.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/35774c7a85d175f6c1bf16842ae706ddbffc8755d5d09350ce4dac1c4020cac9.exe

35774c7a85d175f6c1bf16842ae706ddbffc8755d5d09350ce4dac1c4020cac9.exe.zip
.zip

Password: infected
35774c7a85d175f6c1bf16842ae706ddbffc8755d5d09350ce4dac1c4020cac9.exe
.exe windows:5 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 39.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 18.3MB - Virtual size: 18.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 213KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE