117e9c6f1d6c1ddade075f26e810dbf39ba05ed4e36374344ce4b90e9b3fd0bd[.]exe[.]zip

General

Target

117e9c6f1d6c1ddade075f26e810dbf39ba05ed4e36374344ce4b90e9b3fd0bd.exe.zip
Size

8.1MB
MD5

9d2a6304a2a0b905cfbe33a252357d60
SHA1

5fe32ff6a462d82374b789c00bd3b7ec651aafef
SHA256

87e65910ecd6effea9753fd506867236c03e3d357a28d344873a48e47af2e62b
SHA512

75baba244a3e3b60afe789aca4b4a8395c779e9ee5a1dcbcde5f092f442355c535b2a882add8074e61d915c07f03e2e401cfe943185892a420047ec38c7d0410
SSDEEP

196608:LgnJiwe1DB5nPIicMwRVMkn3h5PWU9c/zJPT8i8LGT7u+Xxs:n/tpIN4m3hc2SzV9m

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/117e9c6f1d6c1ddade075f26e810dbf39ba05ed4e36374344ce4b90e9b3fd0bd.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/117e9c6f1d6c1ddade075f26e810dbf39ba05ed4e36374344ce4b90e9b3fd0bd.exe

117e9c6f1d6c1ddade075f26e810dbf39ba05ed4e36374344ce4b90e9b3fd0bd.exe.zip
.zip

Password: infected
117e9c6f1d6c1ddade075f26e810dbf39ba05ed4e36374344ce4b90e9b3fd0bd.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 11.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8.3MB - Virtual size: 8.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE