967a5ece2cf192a8fbc290d91efc13223a5dc85c936c820ede0e2f1f6e3b0b74[.]exe[.]zip

General

Target

967a5ece2cf192a8fbc290d91efc13223a5dc85c936c820ede0e2f1f6e3b0b74.exe.zip
Size

2.3MB
MD5

9a568a9c02a80f2a400e68c3f6caabfd
SHA1

91f277bf3de4e15ecbeba60a9bcae49410e283ba
SHA256

7cd4254ad68f27cc74725dc655f5cf8682917fc721d2a4efcfe2ff517bafd76b
SHA512

c42a73f01bc180a84a5ce68b17c04686f69d32b06b1204b60322a8886ca8b7fab7c42c2b9df391d731dd6f76146ff99991a3f00c20e746a53d5ead12210d8eb7
SSDEEP

49152:4DP8dJmbDvnE0BbIlSjuU+K0MUsWCvSvFylWee/xiKXhGscRon7F3eVj0xn:SPAJGvE+IlS7+KndWCv2yced6h/p7Y4n

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/967a5ece2cf192a8fbc290d91efc13223a5dc85c936c820ede0e2f1f6e3b0b74.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/967a5ece2cf192a8fbc290d91efc13223a5dc85c936c820ede0e2f1f6e3b0b74.exe

967a5ece2cf192a8fbc290d91efc13223a5dc85c936c820ede0e2f1f6e3b0b74.exe.zip
.zip

Password: infected
967a5ece2cf192a8fbc290d91efc13223a5dc85c936c820ede0e2f1f6e3b0b74.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 7.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE