e3e63572672c93603fbb595714c34dd14b8242a216c8549a3d2cf1f564594f15[.]exe[.]zip

General

Target

e3e63572672c93603fbb595714c34dd14b8242a216c8549a3d2cf1f564594f15.exe.zip
Size

575KB
MD5

ffbed84911a95822075763a8aa0cdcb7
SHA1

56ce7a8b744d79885428a274dfeaf0634c823051
SHA256

07aa4797ce6b65ea906970e03d2809f90a22ced06d4779c74bf040a5c2afe97f
SHA512

1c2e60ab88f687d12734a43e9b992092d46dcc3dc458b9f7a5ca1a888ff3ae4dde3a1a25411e69cc7e06a46e40bb0cdd7ab8e21ba2344a7240deaf9a49872ba4
SSDEEP

12288:vRB8HFWagZJ94uSYElyp8W9jsE6hxV2t23rvXG1iV6X9:5BkgahuSYElbW9kjGgA9

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/e3e63572672c93603fbb595714c34dd14b8242a216c8549a3d2cf1f564594f15.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e3e63572672c93603fbb595714c34dd14b8242a216c8549a3d2cf1f564594f15.exe

e3e63572672c93603fbb595714c34dd14b8242a216c8549a3d2cf1f564594f15.exe.zip
.zip

Password: infected
e3e63572672c93603fbb595714c34dd14b8242a216c8549a3d2cf1f564594f15.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 577KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE