bb47183d6861619ac999532e49e69de6923fc906f2ad3a0d2fe781b5b73f6b29[.]exe[.]zip

General

Target

bb47183d6861619ac999532e49e69de6923fc906f2ad3a0d2fe781b5b73f6b29.exe.zip
Size

187KB
MD5

ed04dd7a085b6aed0884aad6a6864afc
SHA1

ab174abd6973f209231bb886a74f7668244a011f
SHA256

11379a9e163fe11a51fffe2208dc8b90e007c8222429df04e3c80c847276a5f1
SHA512

6df7d4ae01102cbc7d6c75a02ba424d7bcb9d822ff74643f47f6c49508da475ea3c1ded1e57377f735c37baa6de17155854039c848921af5f4f3661ca592c5ab
SSDEEP

3072:8oH0XwQFg20RcEF5tE2Of3+WrQaRuyiMbEBaE6OeOzD3aEF9xY+lPni796/FBaih:VQm7RcEF5tif3TcneEBaEoOzuEFzY+l3

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/bb47183d6861619ac999532e49e69de6923fc906f2ad3a0d2fe781b5b73f6b29.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bb47183d6861619ac999532e49e69de6923fc906f2ad3a0d2fe781b5b73f6b29.exe

bb47183d6861619ac999532e49e69de6923fc906f2ad3a0d2fe781b5b73f6b29.exe.zip
.zip

Password: infected
bb47183d6861619ac999532e49e69de6923fc906f2ad3a0d2fe781b5b73f6b29.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE