056e8d271f6dc52b0072afd0481b70550d2249070ec95e1fa6c42aad50ef3a33[.]exe[.]zip

General

Target

056e8d271f6dc52b0072afd0481b70550d2249070ec95e1fa6c42aad50ef3a33.exe.zip
Size

38.2MB
MD5

0e3146201f6738ff070eb9ab29334ecd
SHA1

53068f2e49493a15ba40607091a59670c722e975
SHA256

952e1aa5a81e6db96150226f11dde25d2c960ab07cc4e7b422257f607c8f6040
SHA512

e33c0453d5d8f83c40e93e3822f6906524e562631cae25825ca6608deb64a5c58db67dea30bd0795d8a7c67e2fdaf95c0fc2cfe600b3dda26a446bbf8dfb6b11
SSDEEP

786432:TaSF5INqqoPShiIG2er8u+pbg4ChUf30niyBaQd4iuKB+aXCJrs3aEO6U/0HE:Tao8Vh1MhHhgIAZu5X+Ma0U/J

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/056e8d271f6dc52b0072afd0481b70550d2249070ec95e1fa6c42aad50ef3a33.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/056e8d271f6dc52b0072afd0481b70550d2249070ec95e1fa6c42aad50ef3a33.exe

056e8d271f6dc52b0072afd0481b70550d2249070ec95e1fa6c42aad50ef3a33.exe.zip
.zip

Password: infected
056e8d271f6dc52b0072afd0481b70550d2249070ec95e1fa6c42aad50ef3a33.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 172KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE