9ec47267b3b6555a1a851b5d76478401b775906f07c29d9c4e24e82a6c85d3d7[.]exe[.]zip

General

Target

9ec47267b3b6555a1a851b5d76478401b775906f07c29d9c4e24e82a6c85d3d7.exe.zip
Size

1007KB
MD5

e78ad133cf7fcf48534f74f497675573
SHA1

fa4bd56285832e9514a4af0353e48c708af73e20
SHA256

2d4cbdad6d779a2cccb84479899361f2b092cfaa8f746f0ca01d3257202fbd63
SHA512

00cb397d67a7f358ef5eb3b13d050ef3fbb8a147e93a26a776db6a16cd18a8fa13dc64c49b17dd953102464d14059072d1073df8197133952538a21a93d91697
SSDEEP

24576:IQ3JoBd/cYLNgN9s1b69SgvRFLGpUHI7zncZzNboFHLt:IQ3+SOe9vRFWUHUmNb8rt

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/9ec47267b3b6555a1a851b5d76478401b775906f07c29d9c4e24e82a6c85d3d7.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/9ec47267b3b6555a1a851b5d76478401b775906f07c29d9c4e24e82a6c85d3d7.exe
unpack002/out.upx

Files

9ec47267b3b6555a1a851b5d76478401b775906f07c29d9c4e24e82a6c85d3d7.exe.zip
.zip

Password: infected
9ec47267b3b6555a1a851b5d76478401b775906f07c29d9c4e24e82a6c85d3d7.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 22.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1017KB - Virtual size: 1020KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 847KB - Virtual size: 847KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 20.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 24B

IMAGE_SCN_MEM_DISCARDABLE

Sharing

General

Malware Config

Signatures

Files

Password: infected

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 22.1MB

UPX1 Size: 1017KB - Virtual size: 1020KB

.rsrc Size: 8KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

.data Size: 847KB - Virtual size: 847KB

.rdata Size: 161KB - Virtual size: 161KB

.bss Size: - Virtual size: 20.8MB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 7KB - Virtual size: 7KB

/4 Size: 512B - Virtual size: 24B

UPX0
Size: - Virtual size: 22.1MB

UPX1
Size: 1017KB - Virtual size: 1020KB

.rsrc
Size: 8KB - Virtual size: 8KB

.text
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 847KB - Virtual size: 847KB

.rdata
Size: 161KB - Virtual size: 161KB

.bss
Size: - Virtual size: 20.8MB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 7KB - Virtual size: 7KB

/4
Size: 512B - Virtual size: 24B