5dda95aae551653b518b198029c2d88d10e86889c39d7e9ab84c6e2d1a370bea[.]exe[.]zip

General

Target

5dda95aae551653b518b198029c2d88d10e86889c39d7e9ab84c6e2d1a370bea.exe.zip
Size

1.5MB
MD5

08f875121e37d69a69c96c53326db997
SHA1

9462e47379b72af8687ccdabfaa3d6a8d78da2fa
SHA256

ee76ef70ca19dd89eb2f77faee49ac22fc73cb0578b18d1e2bd442a65a08280c
SHA512

cd6de4f6cb36fa7d37b89fea39440103b3b040dcc3bed69169248a960a893d17e696e406be00bac37e8bd5a07fd699da0d63985e4ad29cffbcd9488d56dbe63a
SSDEEP

49152:/4T+G33Vvz+euV56v0/qVXV0aMCvEbvqZBqmMdSox5g1:/3G33V7+eu/6v0iT0aBvS+qmM3x5Y

Score

7^/10

upx

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/5dda95aae551653b518b198029c2d88d10e86889c39d7e9ab84c6e2d1a370bea.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5dda95aae551653b518b198029c2d88d10e86889c39d7e9ab84c6e2d1a370bea.exe
unpack002/out.upx

5dda95aae551653b518b198029c2d88d10e86889c39d7e9ab84c6e2d1a370bea.exe.zip
.zip

Password: infected
5dda95aae551653b518b198029c2d88d10e86889c39d7e9ab84c6e2d1a370bea.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 5.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 488KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ