affdd8b426b547e076625f222014696ce3e56bb4c0b03e6dc176c0c89ea9dcdb[.]exe[.]zip

General

Target

affdd8b426b547e076625f222014696ce3e56bb4c0b03e6dc176c0c89ea9dcdb.exe.zip
Size

93.9MB
MD5

a951ed095a24d30a873631c91027f7c4
SHA1

eec7e579c8d6be09c192785ddab16724725aa538
SHA256

89fcc12db1b269862ce21928abaee9fc4b83b450253917db54821215c1c24a5b
SHA512

224bc4614d80a28bfd86f85e0dcc3e5caa812c730a963d56e41cdb34c7608a85263bbafa80d18ac3c899ac2e06b9d5e83339d41c3a778fa345b0621456fe0e0e
SSDEEP

1572864:I9OT5NKqHUGttyZtJQ0sMmgi2TiE2cAuKQCMIYsmHknFIi8H0h5OBYe/V5i/q+zb:GDqHDWEzSAudIYzuFIFU3OBkrCS

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/affdd8b426b547e076625f222014696ce3e56bb4c0b03e6dc176c0c89ea9dcdb.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/affdd8b426b547e076625f222014696ce3e56bb4c0b03e6dc176c0c89ea9dcdb.exe

affdd8b426b547e076625f222014696ce3e56bb4c0b03e6dc176c0c89ea9dcdb.exe.zip
.zip

Password: infected
affdd8b426b547e076625f222014696ce3e56bb4c0b03e6dc176c0c89ea9dcdb.exe
.exe windows:1 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 284KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 133KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE